IT infrastructure audit — what should a beginner do
Sooner or later, small companies or their IT Administrator have to prepare an IT infrastructure development project. I will write about all traps and pitfalls that one can come across.
I should explain from the very beginning that you will find no advice here about the equipment for any solutions, software or about the integrators to deal with. This is absolutely specific and will directly depend on you and on your final goal: to eliminate the current failures or to build the IT infrastructure in such a way so that any task could be solved in one click.
This article is mostly for those who has worked very little in this sphere but is asked for everything and at once.
Here is the approximate list of problems that one can face during the audit of the IT infrastructure.
- Absence of those whom you can ask something, the companies having no skilled IT specialist, or the IT administrator has no sufficient experience and knowledge, spend too much time to find out “how and what for” the IT infrastructure elements were installed.
- Absence of a clear goal; I think that everyone will agree that IT specialists, because of their occupation, are to have extrasensory perception, as they have to overinterpret and overthink a lot, based on the context of the set task.
- Absence of clear (documented) description of the current infrastructure, here can be included the absence of the office network map, no description of connection between the branches, no cable marking, etc.
- Complete absence of documentation: copies of the agreements for telephony, Internet, hosting and other.
- Absence of the common password base.
- Absence of the information about the branches arrangement: lack of this information lead to extra temporary and financial expenses.
This is not a complete list, as there are a lot of such details.
Understanding psychology in general and taking into account that a huge part of IT experts are introverts, making this audit, in most of the cases they will fear to address the company heads with banal questions.
Now, see the details how to overcome these difficulties:
- It is necessary to organize inventory accounting to understand the staff you work with, what is old-fashioned and what can be replaced by something more productive. This is an obligatory measure. Then, having recorded all the equipment you should divide everything into categories (active networking, workstaion, bussiness-critical servers and service). If there is access to the administrative panel, make configurations backups, describe “what,” “why” and “what for” was set in each device, overwrite all servers net addresses, the managing equipment, networked storages, printers and everything having access to the network (except workstations).
- Next you can try to make a blank scheme of the net arrangement on the floor layout where bottleneck can be. Then you can start analyzing the equipment.
- Hardware analysis is one of the important events. It is necessary to understand how up-to-date is the used equipment (both net and server, as well as the user PC). Usually this reveals (with the help of the accounting office and commercial departments) that the entire business-critical information is stored as Excel documents on the server where the hard disc drives operate the third warranty period (!) and everybody is surprised and “files open slowly in the net” and the server makes a lot of noise with the discs. The net equipment was out of production one year before being bought for the company and, according to the comments, it is awful.
- Then you have to evaluate the current server capacities. It is necessary to evaluate server capacities, i.e. it is necessary to evaluate the operation of current servers (actual and virtual, if your organization has virtualization) and evaluate the degree of resource usage. Maybe it makes sense to liquidate some of the servers as there is no necessity in them but you were afraid to remove them. Maybe it is more convenient to unite some services, but others should be divided as they are incompatible on one device and overload the system.
- Do not virtualize critical things, such as gateways and routers, VPN servers used to emergency access to the net. It is important to reasonably evaluate all the factors, following which you make the decision on what should be transferred to the virtual environment and what should not. There are no ideal decisions.
- Organization of nettings between the branches. This issue is quite vast and has a lot of decisions. From the very simplest: provide each freelancer with a login and password for VPN, to an expensive one: lease L12 net from one provider and to the crazy one: install different equipment from different vendors and with their help organize access to the net locally and the access to the net resources inside the company (networked storages, etc.). Evaluate all “pros” and “contras” and make a right and best decision for your case. To simplify the understanding of “what to do” and “how to do” bravely invite system integrators and consult with them.
- After all the above described steps you can start calculating an indicative budget. Address specialized chats and forums to select specific models of the equipment. All the selected equipment must be calculated more than enough in case of growth in demand from your direct customers: company employees. Talk more to your heads about further company development. Maybe, they will give answers to your questions.
Instead of conclusion.
Try to document all your actions on servers when changing service configurations.
And remember two things:
1. There is no ideal instruction!
2. There is no ideal protection!