Servers are critical to your IT infrastructure. Attend this session to learn how best to make sure they are running smoothly with the K1000: http://dell.to/1GDYpr8
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Server Management
1. Dell World 2014
Server Management
Carl Keller, Jamie Cerra, ESM Sales Engineers, November 5th 2014
Dell World
User Forum
2. Dell World 2014
Agenda
• Server Management - Defined
• Agent Installation– “New” GPO tool
• Server Inventory
• Server ITAM
• Labeling Best Practices
• Server Patching strategies
• Patching Clustered Servers
• Driver Updates
3. Dell World 2014
Server Management Defined
• IT admins are responsible for keeping track of Servers
• They need to track specific information about the shared system
• Dell K1000 routinely updates Inventory via an Agent or Agentless
• Software Compliance is critical as Server Software packages can be
very expensive – i.e: Visual Studio, SQL Server, Project Server; etc
• Securing the Server through effective Patch Management reduces
risk to an enterprise– K1000 patches Windows and Mac, we can
deliver updates to Linux
• Tracking firmware and driver updates (Dell Updates)
• Test against Standard baseline security templates ( OVAL or SCAP) to
identify vulnerabilities
• Reporting on all these capabilities
4. Dell World 2014
GPO Provisioning Tool
• Free utility allows Administrators to provision the KACE agent via GPO
• http://www.kace.com/support/resources/kb/solutiondetail?sol=133776
• Will create a GPO that can be linked to OUs or can modify an existing
GPO to add the KACE Agent installer
12. Dell World 2014
Server Inventory
• Inventory of the server works the same as other managed
computing devices (scheduled scans)
• Hardware and Software inventories captured at same intervals
• Running processes inventoried
• Can utilize agentless inventory for Non-Windows based servers
• “New”… Agentless inventory works best with SNMP
• Agentless Inventory of Linux based systems will count against
KACE license count but other servers would not
13. Dell World 2014
Labeling Servers
• Logically grouping similar systems (collections)
• Ideally servers should be broken out into Smart Labels (dynamic)
• Can be grouped by any category (OS, IP Subnet, Software
installed, free space)
• Create labels thinking about how the machines need to be
targeted with patches, scripts, software installs
• Smart Labels can use inventory data to group machines
• LDAP labels utilize AD structure to group machines
• Manual Labels can also be used if LDAP and Inventory records
cannot accurately group machines
• Nested labels can also be useful… “label of labels”
17. Dell World 2014
Labeling Patches
• Using Patch Smart labels allows for smaller more controlled
patch deployments
• Server patches can be split up from desktop patches
• Vendor and Impact fields very useful in developing groupings for
patches
• Any known patches that cannot be deployed can be excluded
from the label or marked as inactive
19. Dell World 2014
Developing a Patching Strategy
• Every organization has a different approach to patching
• Using patch and machine labels, patch targeting should be
simple
• IT Staff should sit down and map out patching strategies on a
whiteboard
• Setting patch schedules to be automatic for a test group and
then manually enabled for production would help iron out any
issues with patches before they hit production machines
21. Dell World 2014
Patching Clustered Servers
• Server clusters present a unique challenge
• All servers cannot be patched and rebooted in the same cycle
• Developing labels for clustered servers can control patching to
server clusters effectively
Cluster Server Schedule
Exchange EXCH-01 Thursday
Exchange EXCH-02 Friday
Exchange EXCH-03 Saturday
SQL MSSQL-01 Thursday
SQL MSSQL-02 Friday
SQL MSSQL-03 Saturday
22. Dell World 2014
Dell Updates
• Driver updates are only for Dell servers running Windows
• Dell Open Manage can help manage patching for ESX and other
hosts
• Similar to patching, Dell server updates can be grouped
(labelled)
• Driver and BIOS updates included in the Dell Updates can be
scheduled
• Make sure these updates do not conflict with patch deployments
• Develop a schedule to deploy Dell updates and test functionality
before pushing to all production servers