Video Screencast Help
Search Video Help Close Back
to help
New in the Rewards Catalog: Vouchers for "Symantec Technical Specialist" and "Symantec Certified Specialist" exams.

suggestions on proposed NS7 deployment

Updated: 21 May 2010 | 8 comments
Christovan153's picture
Christovan153
+1 1 Vote
Login to vote
This issue has been solved. See solution.

(FYI I have already read the planning guide for NS7)

Layout:

Central Datacenter with SAN / VMWare / etc. (US)

20-30 sites scattered around the US, each one with anywhere between 300 - 800 nodes.
(im counting computers as nodes, would it be prudent to also count VoIP phones as a node as well? If so, nodes above would need to be doubled.

Note that this is only 1/4 of the company (and is more of a test case to decide if we should deploy company wide).  The other 3/4 is setup something like 2 datacenter grade areas, with roughly 10-20 sites,  but this time anywhere from 1000 - 3000 nodes each.

Solutions 

Solution 1 (1/4 build out)

Root NS Server hosted at datacenter, running SQL off box.  (this would most likely be run on the ESX setup possibly with vCenter for management, though at the min. vSphere)

a second NS Server for reporting purposes only.

NS Server in each site; setup based on total nodes in site.  All would have at least 1 site server setup.  

Simple hub and spoke setup really.

Reasons:  Expansion...  if/when the other 3/4 gets NS, we can simply setup a few regional NS Servers in the other datacenters, and then demote the current root NS server to a regional one, and then setup a new Root server in the most logical location. 

Downsides for first 1/4 build out:  not sure?  maybe hardware requirements?  Could i get away with a single root NS Server + site servers in each site with NO NS Server at all?  The problem I see there is that the local support staff would have trouble managing their site if the only NS Server was hundreds of miles away.

There are so many different options to setup this stuff that it is getting my head all tied up in knots!  I actually had 2 solutions ready to type up, but they got merged into this one, so I only have one right now.

What are some of the more important items I should consider when deploying?

Local support resources:  1-2 Admins per 1000 nodes.
2 usable datacenters within US
PTP connections between datacenters / corp and sites.
24/7 operations at some locations.
VPN users
reporting very important
Will be running Asset management, software deployment, software metering, deployment 7.1 (possibly depends on if we like it vs DS 6.9), inventory solution, patch management and I am missing something cant remember what the last one was.

Thanks in advance!


discussion Filed Under:
, , , , , ,

Comments

KSchroeder's picture
14
Mar
2010
1 Vote +1
Login to vote
KSchroeder
Trusted Advisor

Probably don't need multiple NSes

Hi Christovan,
I think you can probably get by with 1 NS (possibly with a secondary box for reporting/Asset if you like), provided you have enough horsepower behind it, particularly on the SQL box.  The traffic between the NS and clients isn't all that much.  You'll definitely need Site Servers though (possibly more than one, depending on how much Task-specific work you'll be doing).

I'm basing this on our existing NS6 environment which covers about 17,000 nodes across 130+ sites in North America.  Just my humble opinion...you may want to consult with Symantec consulting services or a certified partner company.

Thanks,
Kyle
Symantec Trusted Advisor

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.

JeffDG's picture
15
Mar
2010
1 Vote +1
Login to vote
JeffDG

Certainly Not that many NSs

Each NS you build significantly increases your management burden.

I'm fairly comfortable running 8,000-10,000 per NS, with Site Servers (with Package and Task Services) running in each site.  The task servers will offload a lot of the DS 7.1 traffic for you along with a lot of the SW delivery traffic if you go task-based.

In terms of server sizing, remember that NS 7.0 is a 32-bit .NET application server.  Regardless of what the P&I Guide says, the NS will not be able to utilize more than 4 GB of RAM until version 7.1 is released (which will support 64 bit).

Keep your hierarchy shallow.  Every level delays the rollup of data to your reporting server, and makes your reports less fresh.

SOLUTION
Christovan153's picture
15
Mar
2010
1 Vote +1
Login to vote
Christovan153

 This was exactly the

 This was exactly the information I was looking for!

One more question about the NS portal.

If I have 30 sites, each with a local admin, it would make sense that the local admin would have rights to his group of NS objects to manage.

This is easy for sure, as you can dish out user rights within NS pretty much the same way you would in AD.

However, what type of hit is 20-30 admins accessing the portal going to create?

Since I don't think there is a way to offload the portal site, they would all be hitting the main NS server.  maybe breaking it down to a single root NS server + 1 NS for each region would be the ideal way to go (all in VM, with an off box DB).  This way the root NS could then BE the reporting server basically, with each regional NS being the main point of management.

with regards to the server hardware.

If I have a 2k3 box with 8GB ram (32bit OS), NS would use the first chunk of memory (up to the 4GB mark), and then I could have SQL use the last 4GB? (with PAE or AEW?)

Thanks!

KSchroeder's picture
15
Mar
2010
1 Vote +1
Login to vote
KSchroeder
Trusted Advisor

Offbox SQL

For that many nodes, you want a dedicated 64bit SQL 2005 server with 8GB+ for the database (our box is a dual/quad core with 48GB).  The NS itself, as Jeff mentioned, is at present a 32bit application, and won't really benefit much (if at all) with > 4GB RAM.

As for admins in the console...I don't think you'll see too much trouble from this.  Typically no more than a few of them will be in the console at once, so I wouldn't expect it to have much impact.

Thanks,
Kyle
Symantec Trusted Advisor

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.

JeffDG's picture
15
Mar
2010
1 Vote +1
Login to vote
JeffDG

Definite Off Box SQL

Don't even think of running this number of nodes "on box" SQL...

Both the SQL server and the NS are vere I/O intensive.  You will likely bottleneck you disk channel if you try and share them on a single server.

Keep your servers with 8 GB...have the memory available for 7.1!

Christovan153's picture
15
Mar
2010
1 Vote +1
Login to vote
Christovan153

Awesome guys, thanks for all

Awesome guys, thanks for all the information.

I have gained a lot from this thread!

One of you should think about writing up an article about your deployment specifics as this was much more informative than the Symantec documentation.
(which is understandable, as that documentation is more about discussing everything you can do implementation wise vs what "best practices" are)

Thanks again everybody.


JeffDG's picture
16
Mar
2010
0 Votes 0
Login to vote
JeffDG

Find a User Group in your area

I actually did a present last Thursday on our lessons-learned with V7 so far...the UGs are a tremendous resource.

KSchroeder's picture
19
Mar
2010
0 Votes 0
Login to vote
KSchroeder
Trusted Advisor

Jeff, You should post your

Jeff,
You should post your presentation (or a PDF of it) to the Downloads section here on Connect.  It may help others (depending on how much content is actually in the presentation, and how much was actually delivered by your speaking), and you'll get some good points for it.

Thanks,
Kyle
Symantec Trusted Advisor

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.

Technical Support

Symantec.com

Store

Community Stats

Total Content Items
Members
259,085