Blog

  • High Availability, Inc. Named One of 2019 Tech Elite Solution Providers by CRN®

    High Availability, Inc. Named One of 2019 Tech Elite Solution Providers by CRN®

    March 29th, 2019
    Read More

    High Availability, Inc. Named One of 2019 Tech Elite Solution Providers by CRN®

    Audubon, PA, March 29th, 2019 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company, has named High Availability, Inc. to its 2019 Tech Elite 250 list. This annual list honors a select group of North American IT solution providers that have earned the highest number of advanced technical certifications from leading technology suppliers, scaled to their company size. These companies have distinguished themselves with multiple, top-level IT certifications, specializations, and partner program designations from the industry’s most prestigious technology providers.

    To compile this annual list, The Channel Company’s research group and CRN editors work together to identify the most customer-beneficial technical certifications in the North American IT channel. Companies who have earned these elite designations— which enable solution providers to deliver premium products, services, and customer support—are then selected from a pool of online applicants.

    “We are honored to be once again included in the 2019 CRN Tech Elite 250,” said Chris Black, Chief Technology Officer of High Availability, Inc. “This award reflects the extremely talented group of engineers, operational staff, project managers, and system architects that makes High Availability, Inc. one of the nation’s leading Systems, Containers, Cloud and Managed Services integrators.  We are continuing to invest in our talent and partner ecosystem, and as such, their dedication and commitment to our clients and their craft is an honor to be a part of.   We look forward to continuing delivering outstanding solutions and support for our clients.”

    Coverage of the Tech Elite 250 will be featured in the April issue of CRN, and online at www.CRN.com/TechElite250

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.

    ###

    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or lthompson@hainc.com

  • The End is Near (for SQL and Windows 2008). Are you prepared?

    The End is Near (for SQL and Windows 2008). Are you prepared?

    March 6th, 2019
    Read More

    We get it; change is scary. If you've been running the same operating system for many years, a large-scale overhaul is understandably intimidating.

    If you have been putting off the inevitable, it's time to start making some critical decisions. Microsoft is ending support for SQL Server 2008 and 2008 R2 on July 9 and Windows Server 2008 and 2008 R2 on January 14, 2020.

    The good news is that, if you are still relying on these systems, you are not alone. It is estimated that about half of enterprise server and database servers are running on the 2008 platforms.

    Typically, the end-of-support deadline for enterprise software triggers uncertainty, but it is also an opportunity to evaluate your datacenter strategy. Some of the questions to ask your team include:

    • Will our core line of business applications run on a newer operating system? And what version(s) are supported?
    • Do we still have a maintenance or support agreement with those software vendors to help with the migration/upgrade?
    • Were any key custom applications written by an employee who is no longer with the organization?
    • Is there money in the capital budget for the new hardware required for a server upgrade?
    • What are our long-term plans: are we planning on maintaining our datacenters or are we considering some cloud solutions?

    There is no right or wrong plan; the path for your organization depends on the risks/rewards that you are willing to accept.

    Do Nothing – This is certainly the least expensive option (in the short run). Yes, you can avoid spending on hardware and migration costs for now; however, many software vendors will only support the most recent versions of their applications. You run the risk of voiding any support agreements plus the ability to upgrade to the newest versions which provide those features and functionalities that your business needs to grow. This route also exposes your company to both security and compliance issues and potential fines.

    Purchase Extended Support – For some applications, you may be able to purchase an extended support contract for approximately 75% of the yearly licensing costs. Yes, your systems will stay patched, but you will still be unable to upgrade in order take advantage of the features and benefits that new versions offer.

    Upgrade your Datacenter – New hardware coupled with application migrations/upgrades avoid the security and compliance risks of the other two solutions, but they carry serious capital expenditures plus the costs associated with training your staff to manage and run these newer platforms. Additionally, this further entrenches your organization in the on-going hardware refresh cycles.

    Move to the cloud – There are multiple cloud solutions available. Perhaps your application’s vendor has a cloud-based version that would allow your team access without having to be in the office. Maybe you want to get out of the datacenter business entirely and move your systems to AWS, Google or Microsoft Azure. These cloud providers offer the platforms (PaaS) and infrastructure (IaaS) to run your servers on a monthly subscription basis while the vendor assumes the burden of maintaining the infrastructure and its availability.

    Hybrid cloud – If you are not ready to throw all of your systems into the cloud at once, a hybrid approach may be the ideal solution. This approach preserves your option to develop a cloud migration strategy to reduce your datacenter footprint, while still leveraging the benefits that an IaaS or PaaS solution offer. You might decide to transition systems due for a hardware refresh to the cloud immediately while keeping others on-premises, for compliance, governance or legacy issues. For these systems, an on-premises upgrade let you take advantage of the new security and feature capabilities in Windows Server 2019.

    Moving workloads to the cloud allows companies to shift IT costs from the capital to the operational budget. With the subscription model offered, organizations pay only for consumed resources and can scale up and down as needed. Compare this to the on-premises options where hardware is purchased upfront based on four to six-year usage predictions.

    End of support can be viewed as either a time of uncertainty or as one of opportunity. High Availability can help you evaluate your options and plan the most appropriate path forward; whether that is a datacenter upgrade, a cloud migration or a hybrid solution. Reach out to begin your path forward. You can also learn more about the End of Support for Windows 2008 and SQL 2008 here:

    https://azure.microsoft.com/en-us/blog/announcing-new-options-for-sql-server-2008-and-windows-server-2008-end-of-support/

  • High Availability, Inc. Recognized for Excellence in Managed IT Services

    High Availability, Inc. Recognized for Excellence in Managed IT Services

    March 5th, 2019
    Read More

    High Availability, Inc. Recognized for Excellence in Managed IT Services

    Audubon, PA, March 5th, 2019 - High Availability, Inc. announced today that CRN®, a brand of The Channel Company, has named High Availability, Inc. to its 2019 Managed Service Provider (MSP) 500 list in the Elite 150 category. This annual list recognizes North American solution providers with innovative approaches to managed services. These services help customers improve operational efficiencies, maximize return on IT investments, and continuously help them navigate the complexities of IT solutions.

    Managed service providers are integral to the success of businesses everywhere. They empower companies to implement and operate complex technologies while staying within their budgets and keep focus on their core business. CRN’s MSP 500 list identifies the most groundbreaking managed service organizations, with advanced solutions that have endless potential for growth.

    This annual list is divided into three categories: the MSP Pioneer 250, recognizing companies with business models weighted toward managed services and largely focused on the SMB market; the MSP Elite 150, recognizing large, data center-focused MSPs with a strong mix of on-premises and off-premises services; and the Managed Security 100, recognizing MSPs focused primarily on off-premises, cloud-based security services.

    “Capable MSPs enable companies to take their cloud computing to the next level, streamline spending, effectively allocate limited resources and navigate the vast field of available technologies,” said Bob Skelley, CEO of The Channel Company. “The companies on CRN’s 2019 MSP 500 list stand out for their innovative services, excellence in adapting to customers’ changing needs and demonstrated ability to help businesses get the most out of their IT investments.”

    The MSP500 list will be featured in the February 2019 issue of CRN and online at www.CRN.com/msp500

    High Availability, Inc. is a premier solution provider and integrator of data center products and cloud services. High Availability, Inc. solves complex business challenges by architecting and implementing forward-thinking technical solutions, while forming trusting, collaborative relationships. By taking a hands-on, consultative approach, the High Availability, Inc. team creates custom tailored systems and solutions to fit both current requirements and future IT and business needs.

    ###

    Media Contact:

    For more information about High Availability, Inc., please contact Liz Thompson, Marketing Manager, at (610) 254-5090 ext. 256 or lthompson@hainc.com

  • Veeam 9.5 Update 4 - The one we’ve been waiting for

    Veeam 9.5 Update 4 - The one we’ve been waiting for

    February 18th, 2019
    Read More

    A few weeks ago, Veeam released “Update 4” for version 9.5 of the Backup and Replication product.  There has been much discussion around this release, and it’s date has been anticipated for quite a while.  Last week I finally had a chance to dig into the details and kick it around in the lab.  Some of the features that were lacking in previous version are now part of the install, and I wanted to share some of the more important items from my viewpoint in the field.

     

    Native Object Storage Support (Veeam Cloud Tier)

     

    Veeam Cloud Tier is now an integral part of the scale-out backup repository, and is referred to in the GUI as the Capacity Tier.  It has the ability to use native object storage integration with Amazon S3, Azure Blob, IBM Cloud, and other S3-compatible technologies.  A policy can be created to tier backup files from a local repository (or Performance Tier) to cost effective long term object storage.  This has been one of the most asked about feature that I hear from customers.

     

    Restore to AWS and Azure Stack

     

    The direct restore to Azure process has been expanded to include the ability to restore backups to Microsoft Azure Stack as an IaaS VM.  More importantly, there is now a  Direct Restore to Amazon AWS EC2.  Both of these features are a great way to move or test VM recovery in the Cloud.

     

    Improved Security and Compliance (GDPR)

     

    Veeam Virtual Labs still exist in Update 4, but has been renamed to Data Labs.  Both Staged Restore and Secure Restore build on the proved success of Data Labs.  A staged restore can allow scripts or applications to be run agains a VM for GDPR compliance, while a Secure Restore enables a guest file system to be scanned for malware.

     

    Application Plug-Ins

     

    Veeam has been lacking a plugin for Oracle RMAN since the beginning. In Update 4 DBA’s can now use the RMAN manager to perform backup and restores to a Veeam repository.

     

    Tape

     

    Update 4 has several VERY important updates to tape.  First and foremost we now have the ability to do native NDMP backups.  This has far been the most requested feature that I have come across in the field over the past few years.  Customers who have had to maintain legacy backup solutions to handle larger NAS shares can now use Veeam for NDMP.  The other items worth mentioning are support for parallel processing of FGFS media pool, and the ability to schedule specific start times for GFS tape backup jobs.

     

     

    Overall there are some great features and much needed functionality that comes out of the Update 4 release.  The list above is in no way a complete coverage of everything that has been included in the latest update, but what I consider the top items.  As Veeam continues to provide customers with a solid and scalable data availability solution, I'm certain there will be much more to come.    

  • How to update AnyConnect & Compliance Modules on Cisco Identity Services Engine (ISE)

    How to update AnyConnect & Compliance Modules on Cisco Identity Services Engine (ISE)

    January 11th, 2019
    Read More

    How to update AnyConnect & Compliance Modules on Cisco Identity Services Engine (ISE)

     

    I've recently had the pleasure of deploying Cisco's Identity Service Engine (ISE) as an integrated security solution for a customer.  Part of the ISE deployment involved configuring determining the security posture for VPN-connected clients, prior to allowing the client node access to the corporate network.

     

    In order for VPN posturing to work on the ASA firewall, there is an additional compliance module that must be installed on the ASA.  The Compliance Module (aka ISE Posture Module) is part of the AnyConnect Secure Mobility Client and offers the Cisco AnyConnect Secure Mobility Client the ability to assess an endpoint's compliance for things like antivirus, antispyware, and firewall software installed on the client endpoint. 

     

    In our lab environment, we deployed the windows version of the compliance module on our Cisco ASA firewall.  See diagram below:

     

     

     

    It is crucial that the Client Provisioning Policy within ISE references the appropriate version of both the AnyConnect and Compliance packages that are deployed on the ASA firewall.  I've seen instances where the VPN posture module does not work correctly due to the version mismatch between ISE and the ASA firewall and where the posture check does not kick off while the client endpoint is attempting to connect via VPN to the corporate network.

     

    Unfortunately, while the ISE administrator can edit the Compliance Module version under the AnyConnect Agent Configuration, the AnyConnect Package CANNOT be edited.  To align the AnyConnect Agent Configuration versioning name with the AnyConnect Package, I highly recommend on creating a new AnyConnect Agent Configuration.

     

    As far as compatibility between the AnyConnect and Compliance Module is concerned, a quick check of the compatibility matrix indicates that the AnyConnect Secure Mobility Client needs to be 4.x.  This support documentation also lists the supported versions of patch-management, anti-virus, anti-malware, etc.

     

    The following steps below details the step-by-step procedure on how to update both the AnyConnect and Compliance Module on the Cisco ISE Policy Administration Node (PAN).

     

    1. Update AnyConnect and Compliance Module Packages on Cisco ASA firewall
      1. AnyConnect and Compliance Module Packages are downloaded from Cisco Online
      2. Move the firmware to the ASA flash
    2. Download and install AnyConnect Package on Cisco ISE
      1. Policy > Policy Elements > Results > Client Provisioning > Results
      2. Click Add > Agent resources from local disk:

     

     

    1. Select "Cisco Provided Packages" and click on the "Browse" button to upload the package to ISE.  Click on the Submit button.  Another window will then prompt the ISE administrator  to confirm the MD5 hash, click on OK.

     

     

    1. Download and install the AnyConnect Compliance Module (.pkg) on ISE:
      1. Policy > Policy Elements > Results > Client Provisioning > Results
      2. Click Add > Agent resources from local disk:

     

     

    1. Select "Cisco Provided Packages" and click on the "Browse" button to upload the package to ISE.  Click on the Submit button.  Another window will then prompt the ISE administrator to confirm the MD5 hash, click on OK.

     

     

     

    Once the new AnyConnect and Compliance Modules have been uploaded, a new Posture Profile will need to be created.

     

    1. Create a new Posture Profile
    1. Policy > Policy Elements > Results > Client Provisioning > Resources
    2. Click Add > AnyConnect Configuration

     

     

    1. Select the new AnyConnect Package under the dropdown

     

     

    1. Enter the configuration name.   Include the version number in the name - ex "AnyConnect Configuration 4.5.4029.0"
    2. Select the new compliance module that was added to ISE in Step #3.
    3. Under Profile Selection, select "POSTURE_PROFILE"
    4. Leave everything else to default and click on the "Save" button.

     

     

     

    The final step is to modify the Client Provisioning Policy to include the new AnyConnect Agent Configuration in ISE.

     

    1. Modify the Client Provisioning Policies
      1. Policy > Client Provisioning
      2. Edit the Windows rule to include the new AnyConnect Agent Configuration

     

     

    1. Under Results, under Agent, select the new AnyConnect agent that was just created.

     

     

     

    1. Click on Save and we should be good to go.
  • Grey-Market IT Equipment: A Cautionary Tale

    Grey-Market IT Equipment: A Cautionary Tale

    December 31st, 2018
    Read More

    Grey-Market IT Equipment: A Cautionary Tale

     

    These days, every IT organization is under scrutiny to spend less. It is the responsibility of every IT practitioner to ensure they’re getting the best value for the money their organization spends on IT products and services. With shrinking budgets and increasing needs, some purchasers look for ways to get creative and find deals that may be just a little too good to be true.

     

    Recently I had an experience with a customer who some time ago needed to refresh some network components. We proposed a Meraki cloud-managed solution for them as it was a good fit for the customer profile, but the customer decided to cut costs and corners by purchasing some of their equipment via eBay. Their intent was to get the gear cheaper off eBay (supposedly new in box) and buy new Meraki licenses from H.A.

     

    We strongly cautioned against this approach for a variety of reasons, but in the end, Meraki does support the purchase of second-hand equipment. Here is a link to their policy on the topic.

     

    So, the customer bought their gear and everything seemed OK during the deployment. Fast forward about 9 months later. That recent day, their firewall shut down and disappeared from their Meraki dashboard. The customer contacted H.A., and our engineer opened a case with Meraki support. Meraki support said:

     

    “After additional investigation, I found that the firewall was part of a trial program, and the device was indeed shutdown after the trial period. Please confirm with your Admin network and with your  Meraki Representative for confirmation and guidance, as it is possible that the device will be removed again as it is reported as part of a trial.”

     

    In other words, Meraki remotely killed the device. Why? Our account manager reached out to the Meraki rep covering the customer. The response from the Meraki rep was:

     

    “So I don’t have good news, the gear was in fact part of a trial that was not returned or paid for. Support just did a mass shutdown of all of those somewhat “stolen" units which is why they are experiencing issues. If this unit had been properly unclaimed and resold they wouldn’t be experiencing this issue but that isn’t the case which is why grey market is always a risk.”

     

    In other words, someone ordered this firewall as part of a free trial, did not purchase the device in the end (e.g., ended their trial), and either unknowingly or deceitfully then did not return the device and instead sold the device on eBay. Eventually, Meraki, as part of a batch cleanup, remotely killed the device since it was, in effect, stolen.

     

    This is, admittedly, a rather extreme example, since the manufacturer was able to remotely disable the “stolen” equipment. However, I seen similar situations many times before where a device purchased through a private transaction or a less-than-reputable online seller may turn out to be ineligible for a support contract/warranty or some sort of a subscription renewal or a software upgrade because it has not officially been transferred to the party that now has possession of the physical device.

     

    Purchasing IT equipment in this way – second-hand, through private transactions or online auction sites – is usually called the “grey market” because while legal to purchase a physical object in that way, it is often a violation of the manufacturer’s licensing terms and conditions for someone other than the original purchaser to then use the software that would run on that device. In short, the physical device itself is not the question, but a non-transferrable software license or subscription is.

     

    To make such a purchase legitimate, most manufacturers have a process whereby the device in question can be “recertified” or “requalified” to make the transfer completely official and transfer/assign all applicable software licenses to the new owner. The problem is, most buyers don’t even realized this is required, and even if they do, they rarely bother. Worse yet, I’ve encountered many recently-hired administrators who have inherited an environment only to discover that their equipment inventory consists of grey-market gear that they can’t get manufacturer support on or obtain a much-needed software update for. A decision to turn to the grey market may become a major headache for someone down the road even if the risk is understood at the time of purchase.

     

    Here at High Availability, we always try to make sure that our customers get a fair price and a great value on equipment they purchase from us. And our customers get the reassurances of working with an authorized reseller to purchase new equipment that is ready to run without hassles. We always recommend working with an authorized reseller to get your equipment, but if you do decide to buy from the grey market be sure to research the policies and requirements of the manufacturer in questions, understand the risks, and caveat emptor.

  • Veeam Services You May Not Know We Can Offer

    Veeam Services You May Not Know We Can Offer

    December 10th, 2018
    Read More

    In the IT universe, managing backups can be a sore subject: tedious, time-consuming, and annoying to say the least!

    Our mission, as your partner, is to become an extension of your IT team, so that you can focus on what's most important; your business.

    Wouldn't it be nice if backups were someone else's problem?  Send your backup failure emails to us!  We aim to fix problems you didn't even know you had.

     

    Sound great?  As both a Veeam Gold Service Provider and Gold Reseller, here are a few highlights of some of the services we offer:

     

    1. Veeam Cloud Connect

    This is a cost-effective option for our clients that would like to immediately start copying their backup data off-site.

    There is no need for a VPN, or for any additional resource consumption in the H.A. cloud, making for a simplified billing process.

    Adding this service could not be simpler.  Go to your Backup Infrastructure tab, click the Service Provider tab, and click Add Service Provider.

    From here, you can point your backup or backup copy jobs into your brand new cloud repository. 

    Not much internet bandwidth available?  We also offer a seeding service where we send a NAS on-site and assist with the initial copy. Then, ship the device back to us and we take care of copying the data into your cloud repository.

     

    2. Veeam backup management as a service

    Over the years, we have grown from managing tens, to hundreds, to thousands of VMs protected by Veeam.  Our managed backup as a service business is in high demand for good reason. 

    We offer two flexible options:

    This one is simple:  We take over management of all aspects of your existing on-site Veeam environment.

    Or, let us architect a new Veeam infrastructure and manage it, whether hosted on-premises or in our private cloud.

     

    Our value added service is managing the data life-cycle; defining the path your data takes from production to backup, to backup copies, and replication.

    In both cases, we are always working on testing the integrity of your backups with routine test restores.

    Self-service restores are an option with Veeam Enterprise Manager, or feel free to submit a support ticket and have us take care of it for you.

     

    3. Veeam disaster recovery as a service

    We live in an always-on world and your business expects nothing less.  This offering rolls the best of our other Veeam services into the ultimate protection plan.

    Our on-demand disaster recovery service allows you to replicate your VMs to our private cloud, backed by VMware vCloud Director for self-service console access.  We can deploy Veeam from scratch or use your existing Veeam environment.  You can choose from different datacenters around the country and in different power grids for geographic diversity.  We can also easily add long term archiving pulled from the replicas so that your production environment is only taxed once.

    An approved disaster recovery process will be developed with an infrastructure recovery strategy and prioritized restoration instructions. 

Join the High Availability, Inc. Mailing List

Subscribe