Posts Tagged ‘IT’

I started working at the ripe’ole age of 16 and since then I’ve had 5 jobs including SoftLayer. I started off at “bullseye” which consisted of straightening merchandise shelves and onto being a cashier. For my second job, I moved on to harassing customers into purchasing leather from a well known mall leather supplier, but for some reason I was having extra-long chili cheese conies and bacon, egg and cheese toasters on my mind, so I made the move to “rollerskates” for job number three. These jobs gave me a decent income (for being 16-18 yrs old), but I knew I didn’t want to be hopping from job to job for the rest of my life… I needed to find a place to grow roots, a place that paid me what I was worth, and finally a place where growth within the company was available. So, I moved to the world of retail digital imaging (large format printing) with a local Dallas company. I started in the shipping and receiving department, slowly learning the whole production side of the company as I knew that is where I could grow. Four long years passed, roots in the company were set fairly deep, or so I thought and the opportunity was “kinda” there, but ultimately I was not happy.

The opportunity for me to work at SL came thru a friend and former colleague at the printing company, Shawna (thanks Shawna!) who left because she also saw the huge potential with SL. At the time I was so ready for something new, but I’ll have to admit, I was a bit reluctant to take the chance because of the four years I had invested, and my lack of knowledge in IT, and particularly SL, knowing that they were doing things that had never been done before (I did my homework). Needless to say I took the chance, and was hired on as an Infrastructure Engineer.

As an Infrastructure Engineer at SL responsibilities range from installing cage nuts, rails, filler panels all the way to installing Cisco switches and Ethernet cables. Basically making sure that the racks are ready to be populated with servers and sold to new or existing customers wanting to expand their business. I can only speak for myself, but there is a great sense of pride when you step back and look at all the live racks you just painstakingly set up, knowing the hard work you had invested was not only helping SL grow but knowing that I had taken a bigger step into starting a solid career.

Yes, I was hired on as an Infrastructure Engineer, but was not just limited to that position. I have been here for over 2 years already and having some of the best times of my life, the opportunities to advance are there, they look for it in their staff, they want me to succeed, knowing it only helps them to succeed as well. What’s next you ask? To be continued…

A customer called up concerned the other day after getting a dire looking warning in Firefox3 regarding a self-signed SSL certificate.

“The certificate is not trusted because it is self signed.”

In that case, she was connecting to her Plesk Control Panel and she wondered if it was safe. I figured the explanation might make for a worthwhile blog entry, so here goes.

When you connect to an HTTPS website your browser and the server exchange certificate information which allows them to encrypt the communication session. The certificates can be signed in two ways: by a certificate authority or what is known as self-signed. Either case is just as good from an encryption point of view. Keys are exchanged and data gets encrypted.

So if they are equally good from an encryption point of view why would someone pay for a CA signed certificate? The answer to that comes from the second function of an SSL cert: identity.

A CA signed cert is considered superior because someone (the CA) has said “Yes, the people to whom we’ve sold this cert have convinced us they are who they say they are”. This convincing is sometimes little more than presenting some money to the CA. What makes the browser trust a given CA? That would be its configured store of trusted root certificates. For example, in Firefox3, if you go to Options > Advanced > Encryption and select View Certificates you can see the pre-installed trusted certificates under the Authorities tab. Provided a certificate has a chain of signatures leading back to one of these Authorities then Firefox will accept that it is legitimately signed.

To make the browser completely happy a certificate has to pass the following tests:

1) Valid signature
2) The Common Name needs to match the hostname you’re trying to hit
3) The certificate has to be within its valid time period

A self-signed cert can match all of those criteria, provided you configure the browser to accept it as an Authority certificate.

Back to the original question… is it safe to work with a certificate which your browser has flagged as problematic. The answer is yes, if the problem is expected, such as hitting the self-signed cert on a new Plesk installation. Where you should be concerned is if a certificate that SHOULD be good, such as your bank, is causing the browser to complain. In that case further investigation is definitely warranted. It could be just a glitch or misconfiguration. It could also be someone trying to impersonate the target site.

Until next time… go forth and encrypt everything!

The biggest headache in owning an IT company is security. Its also one of those things especially for a smaller company you don’t think you need till something happens. This always reminds me of when I was in boy scouts. “Be Prepared”.

IT security is a big business, but there are a lot of things we can do to prepare ourselves so we don’t have to spend hundreds or even thousands of dollars. Everyone in the IT world has to spend money on this one way or another. It could be spending your own time to secure your services, or paying someone to do it for you. If you don’t do either one of these, you’re going to end up losing money when you do get attacked or hacked.

The key is to be proactive, and not reactive. If you are always running after something its harder to catch than if your in front of it ready for it to come. So what we need is a plan, or maybe two. One plan is needed to set up security, and a second should be used to keep an eye on what is going on so things don’t get out of hand.

Some may know where to start when it comes to securing your server. You are in luck. I am going to go over the simple and most important steps to securing your server.

HOST ACCESS

This is the most important step to security. You don’t want people to be able to gain access to your system. There are some very simple steps to doing this.

1. Remote Console

The first thing you should do when setting up your server is to restrict the remote access to your server.

1 = Change the access port ( you can change the access port of both sshd and remote desktop)

2 = Use a secure password (SoftLayer has tools in the portal just to help you make a secure password)

3 = Only allow connections to remote access from trusted networks (this can be done by a firewall solution)

SoftLayer provides one solution that makes this really easy: our Internal Network and VPN. You can just setup your software to allow connections from 10.0.0.0/8 network and you are now protected!

2. Firewalls

This is a must have, and the good thing is that software firewalls are FREE. Both Windows and Linux O/S come with firewalls. Now we just have to set it up. Setting up firewalls can sometimes be hard, but most people don’t need anything fancy. Accept for the services you use, and deny everything else. Also remember if you do want remote access available via your public IPs, your really should restrict those ports via a firewall to make sure only your networks can access it.

AUDITING

This is next most important step to be proactive. The great thing is yet again SoftLayer provides you with the tools for FREE!

1. IDS (Intrusion Detection System)

This technology works by looking at all the little packets coming in and decides if it is bad traffic or good traffic. The hardware and software of this can be very hard to setup, and or very expensive. But you don’t have to worry about this. SoftLayer has farms of IDS hardware there for you, FOR FREE!

2. Scanning

1 = Virus

You will always want to make sure your data is clean and the best way to do that is a weekly virus scanning on your machine. The great thing is we also provide you with the software to do this FREE!

2 = Network

One of the best ways to looks for security problems is to have someone run a network scan on your system. These tools let you find all the holes that you may need to patch up so that your system is secure. Yet again SoftLayer provides you this tool for FREE!

So there you have it a short list of things to do, that will help you keep your data safe and out of the hands of hackers. Security is very important to you as an owner, and for your customers. Just remember if you are proactive, you can cut out a lot of the headaches later on. The other thing to keep in mind when doing this stuff for the first time is to document your steps. Now that you did all the leg work once, now you have a check list on how to do it every time you business expands and you order a new server.

From the beginning of my coming of age in the IT industry, It’s been one thing – Windows. As a system administrator in a highly mobile Windows environment, you learn a thing or two to make things tick, and to make them keep ticking. I had become quite proficient with the Active Directory environment, and was able to keep a domain going. While windows is a useful enterprise-grade server solution, it’s certainly not the only solution. Unfortunately when I made my departure from that particular environment, I hadn’t had much exposure to the plethora of options available to an administrator.

Then Along comes SoftLayer, and opens my eyes to an array of new (well, at least to me) operating systems. Now, I had begun my ‘new’ IT life, with exposure to the latest and greatest, to include Windows, as well as virtualization software such as Xen and Virtuozzo, and great open source operating systems such as CentOS, and FreeBSD. With the new exposure to all these high-speed technologies, I felt that maybe it was time for me to let the de-facto home operating system take a break, and kick the tires on a new installation.

I can say that while switching to open source was a bit nerve racking, it ended up being quick and painless, and I’m not looking back. I’ve lost a few hours of sleep here and there trying to dive in and learn a thing or two about the new operating system, as well as making some tweaks to get it just like I like it. The process was certainly a learning experience, and I’ve become much more familiar with an operating system that, at first, can seem rather intimidating. I went through a few different distributions till I settled on one that’s perfect for what I do (like reading the InnerLayer, and finishing the multitude of college papers).

The only problem with always reloading a PC is you have to sit there and watch it. It doesn’t hurt to have a TV and an MP3 player sitting around while you configure everything and get the reload going, but you still have to be around to make sure everything goes as planned. Imagine this… You click a button, and check back in a few. Sound Familiar? Yep, it would have been nice to have an automated reload system much like we have here at SoftLayer. Not to mention, if something goes awry, there’s the assurance that someone will be there to investigate and correct the issue. That way, I can open a cold one, and watch the game, or attend to other matters more important than telling my computer my time zone.

In the ever-changing world of IT, there are few times when a technician gets to relax. There are always new issues, new products/services, and long hours of investigation. However, once in awhile you find a moment of Zen in all the commotion: Rack Prep.

Recently, I had assigned myself to Rack Prep to allow my teammates to focus on their other duties. During this time, I was able to complete a large portion of the rack assembly process and release myself from the direct stresses of the IT environment in a busy NOC (network operations center).

The preparation of new racks in the datacenter is an arduous (and sometimes monotonous) task, but gives a technician time to reflect on his accomplishments and direction for his career. There are no distractions, other than the occasional dropped cage nut or screw. This allows the free mind to ponder the inner workings of itself and the body it inhabits.

I thought about the first time I had installed a rack rail. I had only been working in IT for a few months and was assigned to the task due to my lack of knowledge on the other portions of the project. I learned a lot that summer about architecture of hardware, networks, and even business.

I had time to think about how I had arrived at one of the fastest-growing host providers in the world. All the different places I had worked. I remembered the people who shared information – technical or otherwise – which had furthered my ability to solve issues – in servers and myself.

I remembered the managers and supervisors that I looked up to and hope to emulate in my current position in management. I was trying to remember all the wisdom which had been passed to me, leading me to reevaluate my approach and initiatives.

In short, the Rack Prep allowed me to reflect on all the things in my life. I was able to forget the current project while mindlessly pushing in cage nuts and look at my career from a wider perspective. Luckily, I can say that I am proud of how far I have come. Now, I have to install the cables which require much more thought. I better leave the Zen and continue with the task at hand.

.IIIi

Outsource IT! I have been saying that for years now. But now I say; outsourcer beware!?!?! Really? How do you know if the company you are calling upon to keep your business up and running is safe and sound? Do they have certifications? Are they registered with the Better Business Bureau? Do they have scary fine print in the Terms of Service or User Agreement? Do you actually read those and understand them? How do you find out about all the questions above? Do you go to trade shows? Do you read about companies on the Hosting forum sites? Do you hear it from your friends? There are lots of ways to get that kind of information in today’s social internet jungle. Do you follow the company on Facebook, Twitter, MySpace, Linked-In, or all of the above? Should you? So many questions…

I am going to assume that you think this blog is going to be about how SoftLayer is a reputable, certified PCI compliant and SAS 70 datacenter, with competent and caring employees that can put themselves in the customer’s shoes and understand the frustrations that can go along with outsourcing your datacenter needs. Nah, that would be too easy and not very much fun.

This blog is about mud. Yes, I said mud. I was driving down a county road in Texas recently and we had a bit of rain in the days leading up to my trip. If you aren’t from Texas then you need a quick definition of “County Road”. A county can be paved, gravel or dirt topped and can be a great road or a horrible road, it just depends on the county that it is in, the tax base, and the abilities of the crews hired by the county to maintain them. I was travelling down a very wet gravel top county road, following along on my cell with GPS and Google maps and was about a mile from my destination. In what seemed the blink of an eye the road surface went from wet gravel to dirt and within about 10 feet my truck simply slid off the road into a nice 4 foot ditch filled with rain water. Looks harmless in the picture below doesn’t it?

It was a nice soft splash landing but my city slicker tires had no chance of getting me out of that ditch even with 4X4 engaged. So when water started coming under the door into the cab of the truck, I knew it was going to be a bad hour or so. It was time to outsource. I called the ranch to see if they had anything that could pull me out but they said that I was in a pretty tough spot and didn’t think they could help. So what would any techie do, I googled mud towing in the closet town. Of course I picked the first place on the list and gave them a call. They said they had a mud recovery truck and they would be out in about 45 minutes. Awesome, just 45 minutes! This was at 4:30PM and it was pretty cold and still raining and the ditch was filling up even further with water. Outsourcer beware, I was expecting a “Mud Recovery Truck!” I had visions of monster trucks dancing in my head. Fail!

Now I have to say that there weren’t ten forums about mud towing in Navarro county that I could visit, or customer references readily available so I just had to take that leap of faith and trust in the skills of my saviors. And I have to give credit where credit is due, that truck really is a monster! It did things a Transformer would love to be able to do. It got stuck at least 30 times in the 5 hours it took them to get me out of the ditch. Yes, I said 5 hours. Did I mention that monster trucks can do very bad things to city 4X4’s? Thank goodness I have an Echo to drive back and forth to work.

So I don’t want to leave you hanging but my truck is in the shop now and I am still waiting on an estimate. Things I know are wrong; front right A-arm damage from forcibly pulling the truck over a stump in the ditch, alignment issues, check engine light on, cruise control doesn’t work anymore, passenger side back door pushed up about half an inch including damage at bottom from the same stump, muffler caved in and exhaust pipe dragging the ground, front bumper air damn ripped off and metal bumper bent outward, yea you guessed it the pesky stump again and last but not least I need an entire new jack assembly because it is either broken or lost in the mud or both I should say (attempting to jack the truck over the stump).

The moral of this blog, if you have the tools available to research the company you are going to outsource to and they have references be sure to use them. They might save you a $300 mud recovery bill and a $1000 deductible somewhere down the road.

Well, I have been here working for Softlayer for a week and it has been GREAT. Not great… UNBELIEVEABLE! I just graduated from ITT just down the street in Chantilly, Va with a degree unrelated to what I am doing right now. To be honest, I was afraid that I may not do too well with Softlayer, because of the material and positions they train for. I have quite a history with trouble understanding basic computer terms and how computers and electroncs work.

My brother is like a GOD in my family with electronics. He picked out our family PC, set up our wireless system, and fixed my laptops multiple times (I have had 4 in the past 3 years…) and he was a full-time CSA for a conference center while he was in high school. He tried to teach me and help me understand what he’s doing when he works on computers and I just couldnt process it in my mind. It just doesn’t click.

My very first class in ITT was Intro to Personal Computers. I got an A in classwork and homework by writing the papers and turning them in, but I couldnt even understand what I write. I did not do too well in tests and final exams and ended up with a B. No matter how hard I tried, I just couldnt make sense of what I’m reading in the books. We never did lab work, it was all just books and papers and black and white pictures.

My first day at Softlayer, I was very nervous. I thought the day would not end very well. Robert Guerra was my trainer for the first half of the week. He did an AMAZING job explaining EVERYTHING about the company, what my job is and parts of the server and everything in between. He did 500 times better than my teacher in college. Everything clicked almost right away. Of course, I did not remember every single thing the first time, it just had to be repeated to make everything perfect. I remember driving home with a HUGE smile on my face and saying “I LOVE this job!”

I never expected to be doing IT work, and I just think this is AWESOME! The facility looks amazing and everything is in tip-top shape and everything is very well organized. I have not worked in a cleaner environment until I got to Softlayer. There are not very many people in the WDC facility yet, but I have gotten to know many of them here and I feel very comfortable.

My other issue here is communication. Spark is a GREAT communication tool for the whole company of SoftLayer and it is helping me out a TON. I love the fact that we use instant messaging to communicate with Dallas and Seattle divisions and sort out problems and I love how everyone is friendly to one another. I cannot use a phone because of my hearing impairment and that is one reason why it is really hard to find jobs for me. A lot of job positions require someone to use a phone or radio and that cancels a LOT of opportunities for me. When I had to deal with that situation with one of my previous jobs, I had to pull someone aside and ask them a favor and help me out with phone use. Not a lot of people like to be pulled aside REPEATEDLY. Spark will help me rely on myself to talk to people myself and get all of the job done!

Thank you Robert Guerra and Eric Antonio for training and putting up with me for the past week! I have one more week of training to do with Eric and I am going to stop at nothing to make Softlayer proud.

-Clayton

Professional athletes have them. Doctors have them. Lawyers have them. Chefs have them. Movie Directors have them. Writers have them. NASCAR drivers have them too.

Are you lost yet? Wondering what this has to do with hosting or small businesses? It’s really very simple. Let’s dig into a few of them.

Athletes – most are very good at what they do, hit the ball, kick the ball, throw the ball, shoot the ball, swing the club, etc. They are so busy learning to be the best at their trade that they don’t have time for the business side of their business. What do they do? They outsource that to an agent. Jerry Maguire might be the SoftLayer of agents. The best, the top of the line, the cutting edge, like us. He gets what the players want and more and was a master at customer service. The players don’t mind giving part of their hard earned cash to him because of the benefit they get from him. It is a very symbiotic relationship.

Doctors – they are paid to fix people. They have to keep up with the latest threats to our health and the ways to fix us. They have almost continuous education to worry about and don’t have time to worry about the office, and the bills, and whether they are getting timely insurance payments, etc. They are there to do whatever they can to help their patients. What do they do? They outsource to an office manager who takes care of the day-to-day tasks that a doctor just doesn’t have time for and frankly shouldn’t have to worry about. It’s really just another form of outsourcing.

Chefs – this one is interesting because I am going to make the assumption that the chef owns the restaurant. I agree that many times there are restaurants that hire chefs, but the argument goes both ways. Let’s say you want to open a restaurant but you can’t cook. You outsource to a chef. To turn it around, a chef can cook but wants his own restaurant. He is a master at cooking and has studied in culinary schools for years to become a great chef. What does he do about running the place? He outsources to a restaurant manager. The manager takes care of HR, and guest services, and the chef does what he loves – cooks.

So where does this leave you? Are you an individual who knows (insert what you know here) and have studied it for years and you are the worlds expert on it? Are you a small business owner who is looking for ways to make the hours of the day last longer and find that competitive edge? Are you that IT manager who has hit the technology roadblock and your company doesn’t have the large capital for the things you need to continue to scale your infrastructure? If you are then you need to consider hiring an agent of your very own. SoftLayer can be your technology agent and allow you to focus on what you do best!

-Skinman

P.S. Lance is the greatest CEO EVER! Now pay up! (Worth a shot, right?)

As I have started to settle into my new role with SoftLayer, we have spent a lot of time meeting with various vendors and partners to discuss our overall vision and plan for 2008. In almost every one of those meetings we get to the same question: “What does a typical SoftLayer customer look like?” Or, the other version of that: “What is SoftLayer’s target customer?”

You would think this should be an easy question to answer. After all, we have over 4,500 loyal customers that rely on us each and every day to deliver on-demand, world class IT infrastructure. Surely, there must be some common thread among these customers. Being responsible for “Strategy & Marketing” I decided to look into this to come up with a standard reply to that question. The standard ways to do this from a marketing text book (i.e. “in theory”) perspective include:

• Industry – financial, manufacturing, retail, distribution, etc.
• Geography – typically regions within a country, or countries themselves
• Customer Size – normally based on revenue or employees
• “Retail” or “Wholesale” – are we selling to the final consumer of our products or to a reseller

The next step — look at our customer database and start to build up a profile based on those criteria. A relatively simple process, but the problem we found was that the four metrics above did not adequately define any of our customers. Some examples:

• Industry — we serve all possible combinations of traditional and new industry classifications; from large manufacturing, to Web 2.0 start ups and no single segment is more than 5% of our business
• Geography – we have customers in over 100 countries. Even in the US our customers come from every corner and every state in the country
• Customer Size – 1 employee to 50,000+ employees and everything in between; $0 in revenue to $10 billion and more
• Retail and Wholesale – almost an even split between the two groups

Being inquisitive by nature, I could not let this end with an answer like: “we have a very diverse set of customers that represent all industries, all geographies, and all customer size categories.” It did lead me down a path to start asking customers some questions like:

• Is IT infrastructure a critical component of your business?
• Do you need highly scalable IT to adjust for seasonality or growth in your business?
• Do you want a simple and flexible management tool to allow complete control of your data center infrastructure?
• Are enterprise grade solutions of value to your business, but something you cannot afford?
• Are you looking for innovative solutions to help drive your business forward?
• Do you value standards based processes and controls?

To steal a quote from a very, very distant relative… Eureka! While this might not be as significant a discovery as the wheel, fire, or the Archimedes’ screw, it did finally bring some clarity to our little customer debate. The vast majority of our customers answered “yes” to many or all of those questions. It also led me to understand what our customers do not want from us:

• Specialized application support
• Highly custom solutions that scale poorly
• Up-front fees and long term contract commitments

The net result is that our customers are segmented very differently than traditional methods would suggest. They are clustered around a common need that spans across all demographics. The customers that come to us are looking for a very special thing – the SoftLayer approach to IT management. If you belong to a company that can resonate with the questions above, you have come to the right place.

-@gkdog

Third in a series of three! In other words you won’t have to read this stuff anymore after this one. I will get back to the fun ones. I might try to make this one fun along the way. So I left off on the last one discussing some of the financial reasons and technical reasons to outsource your servers. This blog will be geared towards some ideas floating around in my head on what would be some good examples of outsourcing.

You have to step back and look at it from a different angle. If you aren’t ready to outsource the whole farm just yet, then you can go about it in a couple of different ways. One, you can outsource your sandbox, development, and/or test environment. We all know that with SAS 70 and SOX you have to have all of these (or most of them anyway). And outsourcing might be a good way of getting them in place. The cool thing about outsourcing any or all of those are you have a pristine environment and if it does get polluted somehow you can just reload the OS quickly and painlessly and try to tear it up again. Outsourced servers are great for this type of scenario. You can even get a few servers and carve them up virtually and have even more toys to play with. Now, you can just go buy new servers and have this in house but when they break or they are obsolete then you get to buy more. With an outsource model you can buy 1 or 100 and have them for 1 month or 2 years, it’s up to you, your needs, and your budget. You can add hardware, memory, change the OS daily, and only buy the License for a month instead of having to buy it outright when you buy your own servers. I personally believe this is a really good way to get acclimated to outsourcing and test the waters both with yourself and your boss. You always have to make sure they are ok with the way you are doing things. Well, sometimes anyway.

Another option with outsourcing is outsourcing production. Some bosses out in the world aren’t ready for this yet, but they will be. They like keeping their data close by and having multiple copies and instances and USB keys with copies on it, etc. That’s just the nature of data. Now we all know that you can have the same if not more redundancy in the outsourced model too, it is just hard to explain to them sometimes. I have to give them credit. Think about all the data in the world and how much of it we need to use every day. If folks like them didn’t demand that we techies keep it safe the world might have a bad day, I know I would. I use tons of data everyday (might be a fun blog).

If you decide to outsource dev/test or production you have the ability to scale quickly and accordingly when dealing with technology. Not having to be bogged down by worrying about hardware lead times, dealing with accounts payable, the receiving dock, and all the other worries you have when buying hardware is a liberating feeling. I know what you are thinking; I have been over this side of it a few times so I will just leave it at that but the numbers and today’s technology make it all come together and make good business sense.

Outsource IT!

-Skinman