1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Any other System admins here?

Discussion in 'BlackHat Lounge' started by davids355, Aug 5, 2011.

  1. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    This is random but hey it's the lounge - just wondering if there's any sysadmins on here that manage exchange environments?
     
  2. Knoxgates

    Knoxgates Supreme Member

    Joined:
    Aug 9, 2008
    Messages:
    1,266
    Likes Received:
    918
    system as well as Network admin here. I do manage exchange server.
     
  3. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Do you back up exchange off site? If so how big is your store(s) and what program do you use?
     
  4. Knoxgates

    Knoxgates Supreme Member

    Joined:
    Aug 9, 2008
    Messages:
    1,266
    Likes Received:
    918
    There is a seperate team for backing up mailboxes and they use exmerge and someother tools. I don't do backup's. It is a small exchange server with only 500 users.
     
  5. saxgod

    saxgod Regular Member

    Joined:
    Sep 19, 2010
    Messages:
    351
    Likes Received:
    337
    Also system & network admin. Run an exchange server with 5k users

    I have a couple of backup machines in another building a few hundred meters away on the other side of the street and there is a 1gbps fiber between the buildings under the street. The machines have 4x2TB disks in raid 5 and are Dell Powervaults. It is used for backups from all important servers like: webservers, desktop virtualisation servers, exchange server, sap servers, databases, ...
    Some other servers that are not really production servers are backed up onsite on a nas.

    For the windows 2008 servers i mostly use the latest version of Symantec Backup Exec.
    For cpanel servers i use the build in NFS functionality.
    For other linux servers i use rsync.

    The backup machines all run Windows 2008 Fileserver with cygwin on it for rsync and nfs functionality. Exchange needs NTFS to backup sadly enough ;)

    I make a daily full backup. I don't trust incrementals.
    The daily is kept for 7 days.
    Every sunday there is made a full weekly backup, this is kept for 4 weeks.
    On the last day of the month it makes a full monthly backup. this is kept for 12 months.
    On 31 december, while everybody is cheering happy newyear, it makes a full yearly backup. This is kept for 5 years.

    Hope to have answered your question a bit ;)
     
    • Thanks Thanks x 1
  6. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Small! Our largest setup has only 47 mailboxes!!
     
  7. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Jealous!!! Would love to work on network that size! Sounds like a comprehensive backup plan! Pretty sweet having a fibre link ay!

    What's backup exec like?

    We had issues because we needed to get 30-40GB stores off site.
    I decided to go with exmerge and amazon storage - have a script that creates a full archive initially and then a daily incremental backup - it was the best I could think of.
     
  8. saxgod

    saxgod Regular Member

    Joined:
    Sep 19, 2010
    Messages:
    351
    Likes Received:
    337
    Yeah we have about 500 workstations on 4 locations, so they are all connected via fiber. our hq (where the servers are and my office is) is connected to the web via fiber also. I don't dare to run my bh stuff on there though ;)

    Backup exec is a breeze. It takes a while to 'understand' what you need to do to configure it but it is a really powerfull package. I don't know exmerge so I can't really compare them. I suggest going to the symantec website and checking it out there :)

    Amazon storage.. sounds expensive.. I would rather rent a box with like 250 to 500gb storage. I don't know where you are located but leaseweb (.nl) has boxes like that for 50 euro's a month with 5000gb traffic. (40gb * 30 = 1200gb so that adequate).
     
  9. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Does backup Exec do it incrementally?

    Amazon is ok, think it works out about $30-$40 per month for the amount of storage we need which is nothing.

    Wow I'd love to manage a network of that size! So do you have servers at each site or just VPN to connect clients?
     
  10. saxgod

    saxgod Regular Member

    Joined:
    Sep 19, 2010
    Messages:
    351
    Likes Received:
    337
    Yeah backup exec can do it incrementially but i don't do it because eg you make full backup on sunday and then incremental every day. if the sunday backup is broken the incrementals after that are also broken (since you need the full)

    oh didn't know amazon was that cheap ;)

    Yeah the network is pretty cool ;) I think the switches etc alone are worth 20k. The core is fully layer3.

    Each site has its own DC, DNS, WSUS and WDS, but all other stuff is centralized at the hq. Most people work on thin clients (dell fx160) nowadays on desktop virtualisation. This means that the employees can login on any thin client on any site and still they login onto 'their' desktop. They can even login from home and work from there.

    We are currently migrating to this, so we still have a lot of workstations (mainly dell optiplex 330's and all got a 2k euro laptop from dell for free because we bought over 200k equipment with dell ;)
     
  11. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Cheers Sax, nice insight into the bigger game.

    In most of our setups we have all of those running on a single server (dns,dc,exchange,wsus)!

    Trouble with the smaller networks as well is that we're normally working with between 512-1024kb upload so getting a full backup offsite every week would be tricky!
    My emerge script makes a full exchange backup initially then uploads 1gb per night until complete, whilst also uploading a daily incremental.
    Also I tar it all up with 7z - which is wicked!
    Main problem with exmerge is that it backs up daily email by email and works on delivery date, so if it backs up an email on Monday then user moves it to a different folder on Tuesday, the move won't be recorded in the backup.
     
  12. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    So do you use terminal server for this or something more advanced?
     
  13. saxgod

    saxgod Regular Member

    Joined:
    Sep 19, 2010
    Messages:
    351
    Likes Received:
    337
    Yeah on the other sites this is always 1 server (poweredge 2790 or R300)

    yep we started out on dsl/cable too :) We have 300/300 fiber now to the
    internet. The fiber itself syncs on 1gbit but we only have 300mbit on the backbone of the carrier that takes us to the ISP. The fiber deployment is pretty expensive. Luckily it was subsidized by the government and we only needed to pay like 30k ourselves :p
    So this is: Fiber from HQ to nearest junction box of the carrier, near the highway. this is about 5km. Cost: 2 million euro (gov paid this). Then the signal gets merged with other signals (the fibers from the carrier are 10g), sort of like a vlan with QoS/shaping. The signal is then terminated at one of the ISP's POPs 50km further. There sits a 10ge router where our fiber is plugged into (but only 300mbit ofcourse)

    backup exec incremental saves all changes. So also if you delete a mail or move it, if you restore the backup, the incremental will also redelete that mail. You can restore up to mail level though. Very usefull if a user deletes a mail and realizes the next day he needed that. just restore the single mail. I suppose exmerge also does this ;)

    Yeah currently these are poweredge 2950 boxes with 2x quadcore and 32gb ram and sas disks. We are looking into moving this into private cloud (inhouse cloud) and running windows 7 desktops in there (vmware/citrix)
    This will be something to be deployed over the next 3 years i think.
     
  14. davids355

    davids355 Jr. VIP Jr. VIP Premium Member

    Joined:
    Apr 25, 2011
    Messages:
    8,805
    Likes Received:
    6,372
    Home Page:
    Very interesting stuff!!

    Will be even better if you get vmware set up! Hopefully il get to work with that sort of kit one day!!!!