Until the knock of environment friendly concepts and public concerns, traditional datacenters had fixed their eye on maximum uptime. Times have changed and datacenters are concentrating on conserving energy. Here are some tips that can contribute towards building eco-friendly datacenters.

Recently, I was involved in redesigning our company’s datacenter to consolidate hardware and systems running at two different physical locations. This was planned not as a “marketing” or “great idea!” move, but in fact it was a pragmatic business decision that helped the company to save money each year. I would like to share here my key learning’s that helped us make decisions to work towards a Greener Datacenter.

Evaluate Current Infrastructure: This is the first step where analysis needs to be done on the energy bills, current consumptions, and how much is being utilized by the servers, air conditioning systems, cooling fans and other devices like routers and switches in the datacenter. This helps in creating a baseline for calculating the Return-On-Investment after the changes are actually put in to implementation. Here is a link to couple of Power Calculators:

India – http://www.indiaenergyportal.org/
UK – http://www.ukpower.co.uk/running-costs-elec.asp
USA – http://www.42u.com/efficiency/energy-efficiency-calculator.htm

Rack Placements: This is an important aspect while designing the datacenter floor plan. Plan the layout of the equipments and structural components in a hot aisle and cold aisle rack layout method as recommended by Green Grid. The basic principle is to maximize the separation between the exhaust air flow and intake air flow. The figure below would give a better idea of the basic design principle.

The benefit of this arrangement is that it affects the required air delivery temperature that must be used to equalize the temperature throughout the room.

Need Analysis: Evaluate what is required out of the datacenter, not just what is needed now but maybe two or three years down the line. This helps in estimating the room for growth and helps avoid costly mistakes which fail to allow enough headroom for IT growth.

Eliminate: Look at every single area where you can eliminate, reduce or consolidate current hardware and equipments. For example, if you have two 24 port switches using only 18 connections consolidate them and shut down one of them. This does not have much impact in small organizations, but when we talk about companies which have lot of equipments in their datacenter, I’m sure figures would be impressive. Moreover, while calculating the ROI also consider the capital equipment and ongoing operational cost savings.

Consolidation of Servers: Identify areas where servers can be consolidated on to one single piece of hardware rather than running multiple physical boxes. By running multiple platforms and applications on a single server with many virtual servers can help reduce the amount of physical boxes. This in turn would help save the power consumption of not only the hardware box but also affect the cooling systems energy consumption.

Usage Patterns: There is a misconception that servers in a datacenter should be available and performing 24×7 regardless of the usage levels. In fact, identify and list out how all different parts of the network are being utilized and what are the peak hours for bandwidth, processing power and storage to handle peak network traffic. Set the power savings features on the hardware or OS level such that it helps in saving power. Allow the servers to sleep when they are not being utilized and explore the Wake-On-LAN technology.

Rated Appliances: Use Energy Star rated appliances, specially the air-conditioning or cooling systems. Devices carrying the Energy Star logo tend to save about 20% to 30% of energy on an average and the specifications differ with each item. Keep an eye on this point as it is estimated that EPA (Environmental Protection Agency) will announce and enforce the ratings for datacenter appliances and servers by 2010. At times, devices with Energy Star rating come costly but it is worth investing that marginal amount during the initial purchase. The overall running costs of power consumption would be much higher if the devices are not power efficient and you will run spending more on the energy costs in the long run.

Monitoring: It’s important to keep a track on the uptime and usage patterns of the datacenter. It basically allows the IT managers to accurately measure the effectiveness of the changes. Moreover, it also assists the top level management to decide on green energy solutions to reduce or eliminate their carbon footprints.

Remember, Green is just not a color – it’s more than that.

Do feel free to add in your comments, ideas and experiences. They would be much appreciated by all those who are planning to make computing energy efficient.

One of the features in ISA Server 2006 is the ability to block traffic based on URL or Domain name. This means that traffic can be blocked for a particular website from ISA Server without disrupting the general Internet access rule.

I’ve compiled some Domain Name Sets and URL Sets from the Internet and zipped them for easy availability for ISA administrators. Download the ZIP file and extract it. Under Network Objects in the Toolbox tab, right click URL Sets and click Import. Choose a single XML file from the unzipped folder of URLs. Once you have imported all XMLs, follow the same procedure for Domain Name Sets.

The next step is to create a rule which denies traffic to the websites which are listed in the XML files that we imported. Start by creating a new rule. I’ve named my rule as “Block Custom Sites”.

In the Access Rule, choose “Deny”.

Under protocols, choose HTTP and HTTPS.

Under Sources, choose Internal and VPN Clients.

Under Destinations, choose the XML lists that we imported. You can add multiple XML files.

Remember to shift the rule that we created to the top of all rules and we are done.

All those System Administrators running their Exchange Server 2007 on a Windows 2003 (64-bit) server have the previlage to get access to the traditional NTBackup utility to backup their exchange stores. But those who are running their Exchange Server 2007 on Windows 2008 (64-bit) must have faced the dilema of which tool to use to backup their mail stores. This is because Windows Server Backup in Windows Server 2008 no longer supports Exchange-aware backups or restores. In order to back up and restore Exchange Server 2007 Service Pack 1 (SP1) on Windows Server 2008, you must use an Exchange-aware application that supports the Volume Shadow Copy Service (VSS) writer for Exchange 2007, such as Microsoft System Center Data Protection Manager, a third-party Exchange-aware VSS-based application, or a third-party Exchange-aware application that uses the streaming backup APIs locally on the Exchange server to make a backup locally on the Exchange server.

What does all this mean? Nothing but shelling out extra $$$ to invest in a backup solution unless you are interested in a very simple backup solution to assure that the logs get truncated and you have backup copies which you can restore. Here is a basic hack which can help one save a couple of $$$.

Step #1

Get access to a Windows 2003 R2 Server which is running a 64-bit OS. Assuming that you are not running your production Exchange Server 2007 in 32-bit environment, we require the 64-bit version library files. If you do not have a one handy, you can get the source files and then expand the DLL’s or install one in a virtual environment.

Step #2

Copy the ntbackup.exe, ntmsapi.dll, and vssapi.dll files from C:\windows\system32 into a new folder on your Exchange Server 2007 running on Windows 2008. I created a folder called NTBackup under Program Files and placed them there.

NT Backup Exchange 2007

Step # 3

Right click Ntbackup.exe and choose “Run as administrator”.

Your should see the Exchange Server Information Store as part of your backup wizard.

Select the Information Stores that you want to backup. Choose the Backup media or filename and the path where you want to store your backups. Once you have finished the configuration, click on Start Backup and the exchange store backups should start.

Once the backup is complete, you should see all the transaction logs getting truncated (hope circular logging is not enabled) and also the mail store would be stamped with the Last Full Backup date and time stamp.

One thing to note though: you cannot back up a storage group in a Standby Continuous Replication (SCR) environment. Backups of storage group copies are available for Local Continuous Replication (LCR) or Cluster Continuous Replication only.

Here is a quick check list for System Engineers and Data Base Administrators to lock down MS SQL Server and secure the database server:

Communication: If possible and if budget permits, do not expose the SQL Server directly to the Internet. Allow the communication from a web server to the SQL database server over an internal IP address.

Strong Passwords: Ensure that the server uses a strong password for the “sa” account. Use a combination of letters, numbers and symbols. This make it difficult for Brute Force hacks to guess the password.

Authentication: Keep this to Windows Authentication if possible and avoid setting SQL to run under Mixed Mode. Windows Authentication will require SQL server to check the Active Directory and moreover the logins will not be stored in the SQL server.

Service Packs and Updates: Make sure that the SQL Server is always patched with the latest Service Pack and Security Updates. This ensures that the latest security vulnerabilities are addressed and blocked.

Service Accounts: Run both MSSQLSERVER and SQLSERVERAGENT under the Domain User permissions. Do not run them under any Administrator account. This ensures very less damage in case the user account or the server is compromised.

Block Ports: If there is no need to expose the MS SQL Server to the Internet, block port 1433 and 1434 at the firewall. This means that the SQL Server will not be accessible from the Internet, thus making it hard for outside attackers to reach to the server. It also prevents worms and viruses.

Backups: Encrypt and compress the backup files. Put a password on the backups and store them to a safe location. Do not keep them on the server.