oaydin 0 Posted February 3, 2002 Guyz, I'm a rookie IT now, I'm lucky I got a job with that little knowledge n without certificate At the moment I have one server n 37 clients. Server is serving SQL 7.0 , that all the clients n things going on that. Some fool tried to install exchange n antivirus to same srv , lol now , I have 3 new server (ok not srv but will be used as) each config is same, AMD XP2000+ Chaintech 7sid sis735 (rock solid n no problems) ram : 1 srv 1 gb , other 2 512 mb DDR 60gb 7200 western intel pro100/s n things I2m gonna serve : SQL 7.0 Exchange 2000 Norton antivirus enterprise Firewall (dunno yet what to use) a domain srv with AD file n backup NAT each srv will be w2k server Now I need opinions as which thing should run with which. I will leave SQL alone . Should I run Exchange with Domain srv or not ? should NAT be on domain ? which one should connect to net n other 2 stay internal ... I'm lost hehe pls help Share this post Link to post
ryoko 0 Posted February 4, 2002 Ok, these only are opinions: 1 Buy some books and read every night. Start with a general networking one to get the concepts. 2 Although you can install all that stuff on one machine, I agree with your method of setting up mutiple servers. Keep SQL and exchange separate. Make sure you set up some type of fault tollerance. Mirroring would probably be your best bet. 3 BACKUPS!!!!! Make sure you set that up, and test atleast monthly. 4 I personally would get a good firewall that also performs NAT. There are many to choose from, however I like Symantec's (Formerly Axent Raptor) There is so much more to say, but it all is subjective and depends on your situation. You really need to get a networking essentials book, and see if your employer will pay for some classroom instruction. -RY Share this post Link to post
clutch 1 Posted February 4, 2002 I have run Exchange, SQL Server, NAT/Firewall (ISA Server), WWW, etc. on servers that were both member servers and domain controllers without any issues. DCs, however, do have more overhead in large environments when they are tracking many clients. If you can keep Exchange away from SQL, Norton (I keep everything away from Norton products but that's just me ), and any firewall/NAT system you should be OK. At my office, it works something like this: Server: Exchange Server: SQL, McAfee Epolicy Orchestrator (similar to your NAV) Cisco PIX: Handles Firewall/NAT duties (like a separate server) Firewall/NAT systems should be on their own, since the might block active ports used by your apps or may have issues with socket-pooling applications (like IIS by default) that will cause an application to monitor all IPs on a given interface and may clash with whatever rules are set on the firewall. But remember, as mentioned earlier you should read up on these applications and see if any known issues might exist and *why* they exist. This way, you can try to avoid them, but if they come up you will have a better chance of recognizing them. Share this post Link to post
OLEerror 0 Posted February 4, 2002 I'd suggest grabbing a workstation to run your NAV off of. You can run it off of a Pentium II 333MHz without any problems and it will take that much more off of your servers. Share this post Link to post
ryoko 0 Posted February 4, 2002 Also, I do not know if NAV for the servers has a separate exchange 'plug in' or if it is bundled, but you definately need to get an exchange antivirus program that will scan at either the MTA or IMC. I think 98% of the viruses sent to my company were caught by the exchange agent. Of cource that also assumes you do not have another scanner at the firewall. -RY Share this post Link to post
oaydin 0 Posted February 5, 2002 Thxs for the replies all Yeah I have to read n learn a lot n a lot , I know that. I'm not after a short way to learn all those (lol impossible) n not I have few experience with AD n exchange , n no with sql My only stand point is they didn't have a IT or such before, so I will learn with them n yes they will send me to MCSE course next month, probably 350 hours or such. Now from all your points , I came up with this : 1 - SQL : server (even not a client AV , bc there won't be any sharing or such, only the proggy clients use will reach the database, nothing but nothing will ruun on it, so as I assume even a virus spread there it's low possibility tý hurt the srv) warn me if I'm wrong 2 - Exchange , nat , firewall : server . Now we don't have cable or dsl yet. Both ISP's say won't take more than 2 months for the service but for that 2 months my only choice is dialup , n as I know if I keep exchange behind , it doesn't run. So exchange should dial n connect to net directly. I will use Sybari for echange. Warn me again if I'm wrong. 3 - norton AV , file , backup : server I will let norton update the clients , also scan the sql server at nights , when sql won't be serving. I will keep ppl documents at that srv n enable the real time protection. at the moment company won't afford to pay for tape backup. So I plan to schudele n backup sql database n exchange files to here n burn them again warn me if I'm wrong I will keep those servers here at home for 2 weeks n a client , n will check anything I notice will ask for help n for last I assume keeping AD at third server is better , but not sure for this again , need your opinion tia Share this post Link to post
clutch 1 Posted February 5, 2002 I wouldn't put any other software on the Exchange server, except virus scanning software meant for Exchange (not just the server version of an AV program). It is generally considered not a good idea to have normal AV scanners on database servers, since they try to treat the database/transaction log files as normal files, and this may lead to corruption of these files. Now, there are virus scanner packages meant for servers running these applications (and the applications themselves) which should be used, I am just suggesting that you don't use the regular file server versions with these apps. One more thing about backups. How do you plan on backing up your Exchange server? I setup Windows 2000 to use NTBackup and run batch jobs every night to make a single backup file. Then, the network backup (ARCserve 2000) picks up that file when it backs up the rest of the server. Using this method, you can easily restore the databases of the Exchange server while it's online using all MS applications. I have done this a few times, and it works very well. Some backup packages have agents meant for Exchange that allow you to do "brick-level" (mailbox level) backups, but most admins that I have heard from recommend against using them as backup times are miserable and restoration abilities are questionable. Share this post Link to post
ryoko 0 Posted February 5, 2002 Sorry Clutch but I must disagree, Perhaps a differance in opinion, but when I was restoring from a brick level backup the executive VP's files I was quite happy to have it. Also at month end, and accounting needed a mail from the past month again the brick level was quite usefull. I found an extra hour and a half for the backups at night when no one was using the system was quite acceptable. Share this post Link to post
clutch 1 Posted February 5, 2002 They may have worked for you, and that's cool. Most of the Exchange admins that I have spoken to (and posted to on Exchange newsgroups) don't care for brick level backups and instead use a 30-day reclaimation policy on the server, so that one could just bring back the deleted files. But, the brick-level method must work for somebody (like you ) since it's available. I already spend a little more than 10 hours on our network backup, so I couldn't afford it even if I wanted to. Share this post Link to post