Advice on building server...

[haste.]

Hey Everyone,

I recently took over as VP Finance for a community financial institution. I have plenty of basic IT knowledge and have worked with VMWare, Hyper-V and some other solutions. Although I can "pimp" my home machine, my skills on the server side/professional side of things are pretty weak. We currently outsource a lot of IT functions to a 3rd party, who are fantastic, but I would like to bring more in house over time.

There is a part of me that wants to build a server for myself to learn on at home. The software shouldn't be a problem, and I plan to buy used parts. I already have a decent 20 port switch, we just upgraded our primary SAN and my company would have no problem letting me use the old one that would be going into cold storage otherwise (at least temporarily, eventually I want to use it as a backup for the backup for DR purposes - but watching ebay I could get a used NAS/SAN for a fair price that is off service plan).

I have a Windows Server 2008 license (might be able get a 2012, but I'm not sure). I won't be using VMWare on this due to the expense and will be using one of the free solutions (would love recommendations on that as well).

My question to you all that have expertise is if you know of any books, websites, tutorials, webinars, really anything that will assist me on this. I would like to think that I am savvy enough to start at an intermediate level, but it's probably likely I would have to start with pretty basic.

I will appreciate any advice you can provide.

 

[Child of Wonder]

No offense, but as a VP of Finance why are you doing this? Are you going to perform the work of moving things in house yourself? Are you going to make the decisions on what platforms to use? Is it just to challenge yourself?

If not, I'd focus on the business side of your job and be grateful you don't need to learn about all this. There are some great companies out there (such as the one I work for) that will help you find the right balance of running some workloads in house on reasonable and easy to manage hardware while keeping others in a public cloud or managed services setting.

Count your blessings if you don't have to worry about the nuts and bolts of IT so you can focus on the parts of your job that helps the business make money.

That being said, start with some books. For Hyper-V, Aidan Finn has a great book on Hyper-V. Scott Lowe's VMware books are also a great resource. Our very own NetJunkie can even point you towards video learning series he's done to help you learn VMware, UCS, and more.

 

[Dead Parrot]

Include as part of your learning a review of applicable computer security requirements. Might be a good time to conduct a security audit to find out if your IT guys are as good as you think they are. Otherwise, you risk your institution winding up on the evening news as yet another one that has suffered a customer data breach. This becomes even more important if you start moving more things in-house as you will also be assuming responsibility for data security as well.

As for a VM server, more Ram is always a good idea. Get a 4 ram slot MB and start with 16GB in two slots. That way, you can double your Ram if 16GB isn't enough.

If there is a nearby college, see if they have a student discount on licenses. If so, take a class that fills one of your knowledge gaps and purchase the licenses needed for your experiments.

 

[Thuleman]

I recently took over as VP Finance for a community financial institution. [...] We currently outsource a lot of IT functions to a 3rd party, who are fantastic, but I would like to bring more in house over time.

That will be a career-changing event for you.
If you currently don't have solid in-house IT capabilities then there's no way that you will be able to match the SLAs that this 3rd party provides to you by bringing things back in-house without it being significantly more expensive.

I am not a fan of managed services, but there are cases where it makes perfect sense, and I know of one such case myself where a good friend of mine is the VP of IT at a credit union. He has the VP title, but he only has one direct report, and they have a lot of managed services.

3rd parties provide business continuity, they are not out on vacation, they are not out because their kids are sick, they don't leave your company because they got more pay somewhere else. No matter what, when you pick up that phone to call that 3rd party there is someone who is familiar with your environment there to answer it. You try to do that with in-house FTEs and you will literally get fired (unless you experience so much growth that an in-house team becomes viable).

No offense, but as a VP of Finance why are you doing this?

So much this!
Do the job you were hired for which will leave you with zero time to even think about doing additional work.

 

[haste.]

Two of you have asked why I would be doing this and it's a fair question. VP Finance/CFO of an organization without a VP IT/CIO will nearly always oversee the IT department; which is one of the roles I currently perform. So this is my job.

I have accountants/bookkeepers to assist me with my day to day functions, and the financial side of things comes easy. In the 6 months or so I've been there we've managed to reduce operating expense ratios to the lowest they have been in over half a decade. What I do not have is an IT department. Using a 3rd party for this is both expensive and very reactive. Without bringing IT in house I am hampering progress. Unless I am the one to request of the third party assistance with initiating a project, we really do not take the necessary steps forward. Constantly being reactive is one of the things that kills companies.

To bring IT in-house I would not be comfortable without a working amount of knowledge in their duties for 2 reasons; 1) so that I will have reasonable expectations and understanding of the position, 2) a "succession plan" in the case our in-house IT leaves the company or is on extended leave we have a person in place that can perform the essentials duties until the position is returned to normalcy.

I hope this explains a little more of the why...

 

[haste.]

That will be a career-changing event for you.
If you currently don't have solid in-house IT capabilities then there's no way that you will be able to match the SLAs that this 3rd party provides to you by bringing things back in-house without it being significantly more expensive.

I am not a fan of managed services, but there are cases where it makes perfect sense, and I know of one such case myself where a good friend of mine is the VP of IT at a credit union. He has the VP title, but he only has one direct report, and they have a lot of managed services.

3rd parties provide business continuity, they are not out on vacation, they are not out because their kids are sick, they don't leave your company because they got more pay somewhere else. No matter what, when you pick up that phone to call that 3rd party there is someone who is familiar with your environment there to answer it. You try to do that with in-house FTEs and you will literally get fired (unless you experience so much growth that an in-house team becomes viable).

3rd parties also don't do anything to advance the company. 3rd parties are the little blankey of security because they are always there, but coming into this company I found they are so fucking backwards ass in technology it is scary. I would not end the contract with them overnight, I would maintain a very low level of service for a year or two after bringing the function in-house to be safe.

Oh and BTW, we are big enough to have IT in-house. Had it at the company I left to come here - they are smaller, with less employees, yet low and behold they have 20x better infrastructure.

Edit: Your friend who is VP of IT is nothing more than a title. Credit Union's are notorious for doing that. Even if you have IT in-house you can still have some managed services, but outsourcing the entire function is asking to be irrelevant in the next handful of years. I guess I didn't expect this to become a handful of strangers judging the effectiveness of my ability to do my job without knowledge of what my duties are. Thanks Though!

 

[haste.]

Include as part of your learning a review of applicable computer security requirements. Might be a good time to conduct a security audit to find out if your IT guys are as good as you think they are. Otherwise, you risk your institution winding up on the evening news as yet another one that has suffered a customer data breach. This becomes even more important if you start moving more things in-house as you will also be assuming responsibility for data security as well.

As for a VM server, more Ram is always a good idea. Get a 4 ram slot MB and start with 16GB in two slots. That way, you can double your Ram if 16GB isn't enough.

If there is a nearby college, see if they have a student discount on licenses. If so, take a class that fills one of your knowledge gaps and purchase the licenses needed for your experiments.

Thanks for an actual response! When it comes to data breaches and business continuity, it doesn't matter who's fault it is, it is going to be my company in public perception. I had penetration testing performed in January and DR testing performed immediately when I came in. Both came back good. Ironically the 3rd party and the individual from the company are the same as I used over a decade ago at a different FI.

Good point on the college course and student pricing. I know there is a community college nearby in which I could look at their online offerings. I don't want to make a time commitment I might not be able to meet so it would have to be done online. Unfortunately that probably kills any networking coursework.

 

[Child of Wonder]

Two of you have asked why I would be doing this and it's a fair question. VP Finance/CFO of an organization without a VP IT/CIO will nearly always oversee the IT department; which is one of the roles I currently perform. So this is my job.

I have accountants/bookkeepers to assist me with my day to day functions, and the financial side of things comes easy. In the 6 months or so I've been there we've managed to reduce operating expense ratios to the lowest they have been in over half a decade. What I do not have is an IT department. Using a 3rd party for this is both expensive and very reactive. Without bringing IT in house I am hampering progress. Unless I am the one to request of the third party assistance with initiating a project, we really do not take the necessary steps forward. Constantly being reactive is one of the things that kills companies.

To bring IT in-house I would not be comfortable without a working amount of knowledge in their duties for 2 reasons; 1) so that I will have reasonable expectations and understanding of the position, 2) a "succession plan" in the case our in-house IT leaves the company or is on extended leave we have a person in place that can perform the essentials duties until the position is returned to normalcy.

I hope this explains a little more of the why...

Please don't misinterpret what the two of us were saying. We're not being hostile or questioning your ability. We're simply surprised because we don't typically hear of someone in your position asking to dig into servers and learn about them. For those of us that do know the headache of learning about servers and dealing with IT on a day to day basis, we'd wonder why someone outside of that realm or who's been promoted above it wants to dive in!

As you said, if there is no VP of IT or CIO, then it does fall on your shoulders!

I'd highly recommend Hyper-V as the solution to focus on for virtualization since you don't want to shoulder the expense of VMware. I have a thread here that gets into the nuts and bolts of Hyper-V and VMware that you don't really read about in marketing or training material. It will help give you a good idea of some of the more minute details of Hyper-V. It really is a strong product today vs. the garbage it was in 2008 R2 and earlier.

Orchestration is a huge piece of IT today so as you look for people to come in house, really make sure they're good at scripting with Powershell or have familiarity with orchestration products like System Center Orchestrator or UCS Director. The more your IT team can automate the less time they'll focus on menial tasks and the more responsive IT overall can become.

 

[haste.]

Please don't misinterpret what the two of us were saying. We're not being hostile or questioning your ability. We're simply surprised because we don't typically hear of someone in your position asking to dig into servers and learn about them. For those of us that do know the headache of learning about servers and dealing with IT on a day to day basis, we'd wonder why someone outside of that realm or who's been promoted above it wants to dive in!

As you said, if there is no VP of IT or CIO, then it does fall on your shoulders!

I'd highly recommend Hyper-V as the solution to focus on for virtualization since you don't want to shoulder the expense of VMware. I have a thread here that gets into the nuts and bolts of Hyper-V and VMware that you don't really read about in marketing or training material. It will help give you a good idea of some of the more minute details of Hyper-V. It really is a strong product today vs. the garbage it was in 2008 R2 and earlier.

Orchestration is a huge piece of IT today so as you look for people to come in house, really make sure they're good at scripting with Powershell or have familiarity with orchestration products like System Center Orchestrator or UCS Director. The more your IT team can automate the less time they'll focus on menial tasks and the more responsive IT overall can become.

And I didn't mean to be so defensive, just felt like you guys were on the attack a bit much without knowing the situation... I appreciate the help and will definitely read through your thread as well as take a gander at the books you recommended. The finance side of things comes easy for me and I have already made major strides, but we are so far behind in technology building these skills would be much more beneficial to the company. I'm still young (in my early 30's but one of the youngest VP in my territory) and putting time in today will pay massive dividends down the line.

 

[Thuleman]

3rd parties also don't do anything to advance the company. 3rd parties are the little blankey of security because they are always there, but coming into this company I found they are so fucking backwards ass in technology it is scary. I would not end the contract with them overnight, I would maintain a very low level of service for a year or two after bringing the function in-house to be safe.

Oh and BTW, we are big enough to have IT in-house. Had it at the company I left to come here - they are smaller, with less employees, yet low and behold they have 20x better infrastructure.

If your current 3rd party doesn't do their job right then find a better partner. There are plenty of highly capable IaaS/SaaS and/or MSPs out there. Depending on your location you are looking at 90-150k for a server admin FTE (including benefits). For the price of one FTE you can outsource a shitton of functions and be guaranteed that not everything hinges on one person being available all the time.

How many FTEs will you need to guarantee that when the shit hits the fan (and it will, no matter how good your infrastructure or your planning is, human error will create an on-shit condition) you will have enough people to respond quickly?

The value that 3rd parties provide is that they can ramp up quickly because they can reassign existing resources to cope with your crisis. I run an infrastructure team, I am with the "keep things in house" crowd, and I can tell you that doing so only makes sense when you can realize the whole economies of scale thing.