Friday, March 25, 2016

IT SMB Success Summit 2016 - Datto Virtual Backup

So I am always looking for news ways to do things better, faster and more efficient. And since I'm keen on becoming one with the software/hardware that I deem necessary in today's networking world, there are, on occasions, opportunities that present themselves without my specific searching for them. I found a great product that I have had the benefit of using for about a year now made by a company called Datto.

Now Datto has been in existence since 2007 and currently is one of the DR (Disaster Recovery) modules that I have on a couple of vm's on my network to preserve the business continuity of the network. In other words, this solution has saved my ass numerous times, whenever the network I have it implemented into suddenly has a hiccup and a server goes down.

Instead of running around in a panic to get the specific server back up and running, I simply log into the network, access the Datto box, in this case, the Datto Alto device, and switch it to be able to give user access to the server that it has been storing images on. Depending upon the frequency of the incremental image back up, it will pretty much continue the users where they left off.

If you are wondering how this works, first off, here are the specs of the Datto Alto2



  • 1 TB 2.5” 7200 RPM Hard Drive
  • Dual Network Adapters
  • Two 3.0 Ports on Front USB
  • Up to 4 Simultaneous Virtual Machines
  • AMD 1.5 GHz Quad Core Processor
  • 8GB DDR3 RAM
  • 2-4 Agent Licenses
  • 3 Year Hardware Warranty

The Datto AltoXL specs:




  • 1TB-24TB Local Storage Capacity (Per Unit)
  • Hot-Swappable Drive Bays for Easy Field Upgrades
  • Available Intel Atom 2.4 Ghz 8-Core Processor
  • Unlimited Server, Workstation and Desktop Licensing
  • Solid-State OS Drives on All Models
  • End-to-End Encryption
  • Up to 32GB RAM Standard
The Datto Alto has a simple web-based GUI that allows you, in a few simple clicks,  to go from server down to back in business in no time flat. As we know, most companies are running hardware that's at least 5-8 years old. In the healthcare industry, providers have to keep their systems up and running due to the EMR's that they use tend to demand high resource capabilities. When a specific server goes down, that usually spells disaster for the MSP handling the managed services of that network.


When implementing a device such as this into a network it would be safe to say that having a device that closely matches the specs currently being used by the server its backing up should shore up fairly close, if not exceeding it. Datto does not disappoint there, giving that a current user utilizing this has the same specs as the Alto2, it was a no-brainer. 

In a few short minutes the Datto Alto2 was up and running and backing up the current server at bare metal capacity. The system can be setup to collect an image every 15min, hour or day. Since this user does not have too many server failures, I configured it to sync images at 7am, 12pm and 7pm, this way if something should happen, they would only lose up to 4 hours of work in the mornings and 5 hours in the afternoons. Some may say that it should back up more frequently but you do have to take into consideration that it only has a 1Tb capacity and this user has 750gb of EMR database files that have to be retained for up to five years per HIPAA compliance regulations

Datto recommends a 2 to 1 ratio on space used (for instance a 500Gb server would need 1Tb of available space on the Datto to ensure all incremental backup will not interfere with business continuity.

Overall, I am impressed with the Datto Alto2 and their other products arent bad either. If you have a desired interest in this product give me a call as they do not sell directly to the public.

Friday, March 18, 2016

IT SMB Success Summit 2016 - March 16 - 17, 2016 - Conference In Review

Over the next few weeks I will be reviewing and speaking on the conference that I attended in Orange County this week: IT SMB Success Summit 2016.

I will attempt to cram everything that I learned into one page segments, profiling various software and hardware that most of the vendors there were showcasing.

Currently I have a VMware vSphere 6 lab setup that consists of 2 - Dell R610 servers and 2 - Dell 28xx switches, with an additional 12Tb NAS and 40Tb SAN currently being built and configured to the network to be attached soon. All vSphere6 downloads come with a 60 day full version trial and since its a lab, I can reinstall the trial after 50 days to start the 60 days trial process all over again without affecting the vm's that reside on it (You are probably wondering how that works, another blog topic to come)
Current virtual network consisting of 2 Dell R610 servers, 1 Dell 2848 and 1 Dell 2810

The current ISP is Verizon FIOS and the current router configuration is setup with 150m download / 150m upload bandwidth speeds 

I also have VirtualBox 5 on my Lenovo W540 super powerful media workstation that has 32Gb of Ram, 1 256Gb SSD hard drive, 1 - 1Tb SSHD hard drive and within Virtual Box there are 4 vm's availabe with any two running currently. I use this to do demonstrations when teaching other consultants about certain versions of Windows servers
Lenovo Thinkpad W540 with 32Gb Ram running Virtual Box with 2 vm servers deployed


With this network I am able to build, configure, deploy test and review various software and hardware items that vendors are currently marketing

Essentially the virtual network has 10 vm's running on it ranging from Windows Server 2008 and 2012 to the newest version of 2016 with a few Windows 7 and 10 vm workstations for testing client/server deployment scenarios. When testing software products on this network, having old to new versions of OSes is an asset during the review process.

If you are an IT professional or are aspiring to be one, this takes it to another level, focusing on the business owner and not necessary the IT tech that already works for a company. I also suggest that you purchase some equipment and build a test lab such as I have to give you a hands on mindset when approaching the testing phase on such products.

These reviews are geared to give you some insight on the mindset of the current level of technology, where its going and why its relevant. 

Stay tuned:


IT SMB Success Summit 2016 - March 16 - 17, 2016

So since I inquired about products from Datto, I was invited to participate in a prestigious IT conference in Orange County this week called the IT SMB Success Summit 2016.

The group sponsoring this event, The ASCII Group, is a conglomerate of IT professionals pared with various sponsors that offer products that most in the industry use, would like to use or are just plain curious about.

The thing I like the most about this conference is that they encourage network and interaction between sessions and suggest that you bring at least 175 business cards as you will really be exposed to IT pros from across the country, some even came from as far as Germany, Italy, France and Japan.

The most intriguing part of this conference is that I did not fall asleep one time. Breakfast and Lunch was provided and it was lovely. This conference is normally $1,800 but being a part of Datto's company made it absolutely no cost to me, nice.

The agenda was concise and they kept things rolling and on time since there was SO much information to process. In fact, this one conference has given me plenty of blog information that I will be bringing to the forefront for the next month.



The conference was actually two days with a meet and greet with drinks and food, but I do not live near Orange County and didnt want to drive there twice. Nonetheless, it was a very worthwhile conference to attend and the knowledge, networking, meeting of vendors and new IT faces to be able to bounce things off of was all worthwhile.

I have provided a link below if you would like more information on this group and its benefits, trust me, if you are an IT professional, this is the group you wanna have in your corner

The ASCII Group: Benefits

Saturday, March 12, 2016

Networks that should not be in existence

Currently as of 1/2016 I am testing various products and have built my own virtual lab network.  As a consultant in the past, I ran into various network infrastructure setups and sometimes they weren't setup the proper way that they are supposed to be.

Most of the consulting projects I worked on were for small businesses that have about 5-30 employees so you would think that the network would be setup correctly, RIGHT.........wrong. That has not been the case as of late, I have ran into networks where the router is directly open to the public and they are using public ip addresses on the computers instead of using local private IP addresses, the server closet is not even locked or cooled causing some peripherals to crash continuously, all the employees are administrators (disaster when one leaves or gets terminated and has time to copy or even delete all important data) and the list goes on.

My main goal when looking at a new network is to determine that the network has been setup according to best practice settings. These next items are an except from a computerworld article that was posted 8 years ago but are still pertinent today:


1. Use encryption on your wireless access points (AP). Many site surveys have found half or more of all wireless networks are wide open, ripe for anyone to gather all the traffic and perhaps record your sensitive information by sitting in a nearby parked car. Some people mess around with locking down MAC addresses, but that gets unwieldy and a better solution would be to use WPA2 encryption. WPA2 is far better than other encryption methods that are more easily broken into.
2. If you have a wireless network, make sure to hide your SSID (service set identifier), or at least change its name to something common. All wireless routers should have obscure IDs when they announce themselves to the world.  Rather than put in any real information that can make it clear who owns the router or that can divulge your location or business name, such as "Acme Systems, here on the 4th floor" or the product name like "Netgear," use something innocuous like "wireless" or "router1" that doesn't give away anything really critical. In my last apartment, I had neighbors who used their apartment numbers for their IDs, making it real easy to figure out who's router was where.
3. If your router (wired or wireless) has a Web management interface, disable access from the outside network. And change the admin default password now. Most routers have the ability to do both quite easily. You don't want anyone else coming in and changing your settings or reading your log files.
4. Make sure all of your PCs use antivirus software and if you're using Windows, add anti-spyware protection. This seems obvious, but it bears restating. And while you are at it, check to make sure that all of your antivirus subscriptions are current. Anything out of date isn't doing you any good. In my support travels, I've found that this is a very common lapse among my neighbors.
5. If you are running a Web server on your LAN, put it on a DMZ. If your router doesn't have a DMZ, get a new router. Better yet, move to a collocation facility where someone who knows what he is doing can manage it. Having your own local Web server sounds like a good idea, but is a real security sinkhole, and many cable networks have made it harder to host your own from your home network anyway. So why worry?
6. Speaking of Web servers on the Internet, if you have them, you should scan regularly for exploits. There are many sites that can do this, two of my favorites are SPIdynamics.com and Qualys.com. Also, make sure to keep track of your domain registry and change all of your access passwords regularly. If you update your Web content, don't use FTP or Microsoft's Web page creation tool, FrontPage; instead, find more-secure methods that don't send your access passwords in the clear. You can learn about other ways to protect your Web site at OWASP.org.
7. If your ISP offers such an option, use a VPN (virtual private network) for access back to your local LAN or your remote Web server. There are many to choose from, ranging from the free OpenVPN.net to inexpensive but capable ones from SonicWall and Fortinet, which are designed for small business owners.
8. Disable file/print sharing on everything other than your file server. You don't need it on each desktop, and that just causes more vulnerabilities. This is particularly important for laptop users: You don't want to be broadcasting your entire file system to everyone around you at the airport or hotel, which is something that I often see when I travel and check for open network shares.
9. Use whole disk encryption on all laptops that will ever leave home. You never know when someone will steal your data or break into your car or hotel room and lift the laptop. I like PGP Disk, but there are others that cost next to nothing and provide plenty of protection. If you are in the habit of carrying around USB thumb drives with your data, then use one of the more modern U3 drives that work with Windows and are at least password-protected to keep your data away from others. I currently use truecrypt or bitlocker on the laptops now.
10. Start doing regular off-site backups now. At least start with making copies of your key customer and business data, and then make sure you cover your personal files, such as family photos and the like. Now is the time to cook up something simple. Burn DVDs and take them home, or make use of one of the online storage vendors such as eVault and Amazon.com's S3. They cost less than $100 a year (Amazon's less than $10 a year) and can save your data in case of fire, theft or just carelessness. If you have two PCs in two different locations, sign up for Microsoft's Foldershare.com free service to synchronize your data.

This one the technology is kinda dated as dvd's cannot even hold the amount of data that is on most companies networks, but there are now companies like iBackup that will back your critical data up to the cloud