• P
    Philip Koster

    I have worked in very few environments that had an actual dedicated router just for internal traffic. So given the fiscal limitation of one or the other, an L3 switch is a great choice for a small environment. Given you still have a 100 Mbps switch in the environment I would definitely look at going that direction. You have to watch pricing though as Cisco charges a pretty penny for the Advanced IP licensing on the Catalyst line. Not sure what the upcharge is on the SMB line if there is one. Pulling the ASA may improve the topology but that doesn't mean it will improve anything else. In an SMB where money is tight, concepts like "ideal" and "better" don't always have a place. Sometimes what works is the best choice you have.

    Unless the ASA is overloaded, I probably would go for something more like two cheaper, L2 switches and leave the ASA doing the routing. Not quite as future proofed but the ASA 5512 went end of sale in 2013 so I'm guessing this appliance is not new. So I would get the two cheaper L2 switches and push up a plan to replace the ASA with something beefier in the next year or two depending on load and age. I would also make that upgrade to something that is purpose built as both router and firewall (unlike the ASA) like a higher end UTM appliance. Just seems like a better financial move to me.

    I don't have all the details though and there are a lot of factors that can make this a bad recommendation. This is probably more useful as a point of discussion with your team than as an actual recommendation of any kind. Hope that helps.

    Phil

    posted in Cisco
  • P
    Philip Koster

    Why not just enable routing on the ASA and use that? ASAs do not have impressive specs but you state the traffic is fairly light so it seems like you should be able to use EIGRP or OSPF from the ASA.

    http://www.cisco.com/c/en/us/td/docs/security/asa/asa84/configuration/guide/asa_84_cli_config/route_eigrp.html

    Phil

    posted in Cisco
  • P
    Philip Koster

    VMware VCP 3, 4, and 5. I don't need the full course for 6 to be certified. I would love a good "What's New" VCP 5-to-6 upgrade course before the May 8th certification extension runs out.

    Thanks.

    Phil

    posted in General Discussion
  • P
    Philip Koster

    How about adding the Project+ in as well?

    As a Senior Engineer I often have to lead and/or plan projects even though I am not a Project Manager. There is no way I have enough experience for the PMP and I don't generally need that in depth level of knowledge. I think the Project+ would be the proper "middleweight" project manager cert for my situation. Rarely do I work in organizations that have MS Project though so the MS Project course is not directly relevant. Usually we are using other tools such as ConnectWise or (gasp/choke/sputter) MS Excel.

    I am not overly familiar with PM certs though so maybe there is a better one?

    Thanks.

    Phil

    posted in CompTIA
  • P
    Philip Koster

    I'm not 100% sure but I think just the renewal is necessary. If you have a DHCP address with lease time left and reboot when the DHCP server is unavailable, you will keep using the same address. If you do an ipconfig /release and /renew while the DHCP server is unavailable, you will get a MS 169 bogus address. If you reboot while the DHCP server is available while you have a lease with time left but the admin has set new information (like a reservation) then the computer will take the new lease.

    When I am doing server migrations I will update DHCP scopes for things like new DNS servers and if users have difficulties I will often tell them to reboot. It's easier than walking them through the release/flushDNS/renew process.

    Phil

    posted in CompTIA
  • P
    Philip Koster

    I would love to see the Storage+ Certification. As a follow on, the SCSA (SNIA Certified Storage Architect) would be awesome. But the Storage+ would tide me over for now.

    http://www.snia.org/education/certification

    Thanks.

    Phil

    posted in CompTIA
  • P
    Philip Koster

    It really is mostly based on personal preference minus the few key points brought up. I am a VMware VCP 3, 4 and 5 and have over 7 years' experience as a VMware consultant at various partners. So I am jaded on a combination of old school and VMware based technology (as opposed to Xen or Hyper-V). But the rules I go by are:

    1. Never use extents (or dynamic disks in MS's world). It is essentially a software-based RAID 0. You lose a LUN to an over-zealous admin trying to clean up and you lost the whole extent (well, to be accurate you lost a lot of data, but not all, but that's not a whole lot better).
    2. Try not to mix workloads. I try to put disk intensive things like busy databases on their own LUNs and light workloads like domain controllers mixed on to larger LUNs. Even though most environments have a single SAN for multiple clusters, breaking out the heavy workloads still has advantages. One of the most important is that most SANs these days do performance tracking and optimization per LUN. So that busy SQL DB can still get the SAN advantage if it is 1-to-1 DB to LUN. But if you busy that SQL server on a LUN with 10 other VMs of mixed loads, the other loads will mess up the SAN's performance numbers and the optimizations won't be as effective. It also gives you the flexibility to move that LUN later on with less impact and the SAN based performance numbers of the business's main DB for their primary application can get you more money versus you struggling to figure out why your SAN seems to be performing badly.
    3. Separate based on size needed. Large servers like file servers with TB or more of data get their own LUN. I'm not going to fight that space battle.
    4. When in doubt, 750 GB is a good number. Leave an absolute minimum of 100 GB free for snapshots and logs.
    5. Disaster Recovery considerations. As Don mentioned, don't forget to take into account SAN replication. Many SANs will do better with incremental replication than the software counterparts. So do your homework first but if your homework will take too much time or is inconclusive, default to using the SAN based replication. That is nearly always done per LUN which means dividing your VM storage into LUNs that will be replicated and LUNs that will not be replicated.

    Hope that helps you somewhat too.

    posted in General Discussion
  • P
    Philip Koster

    https://www.ninite.com. Ninite is a fabulous, one stop resource for downloading utilities like that. None of the crap-ware bundled like download.com. Ninite also has a premium, ongoing maintenance offering for business and personal which is how they fund themselves. But you can do a one time download for free. As a Windows admin, I typically hit Ninite for new builds so I can quickly get some key things like PDF Readers. If it is a utility box, I also frequently download Firefox, Notepad++, 7-Zip, WinMerge, WinDirStat, PuTTY, and WinSCP among the usuals. I do a lot of VMware administration which is why I get PuTTY and WinSCP.

    posted in General Discussion