Replacing and backing up office server / Moving to cloud server

Hello!
We have an ancient server running in our office that needs to be replaced and properly backed up. Our goal is ultimately to move to a cloud server. Following is our IT response:


"Phase I

Configure and ship a small HP brick server to be used to host applications to ECH.
Purchase and ship a Datto device to Solve IT Solutions
Configure the Datto device as required for initial link and then ship to Hawaii
Once both the server and Datto devices are received in Hawaii, connect the server to domain and migrate over applications
Create a virtual data center on our hosting platform only because we know the interoperabilities of it inside and out. This is information on our data center that we use and note that it is one of the largest in the world: https://www.switch.com. This is not owned by Solve IT Solutions (although I wish I had stock). Microsoft Azure is basically a hosting platform that is similar to the ones that we use that runs out of datacenters like these.
In your virtual data center, we will create a domain controller and a virtual router.
Connect a site-to-site VPN connection between your office and the virtual data center
Migrate your Domain Controller to the cloud server
Demote the on-site server and take offline to save for the time being.
Configure the Datto device to back up the onsite VMs in encrypted format
Test the entire operation and ensure that all applications are working as required as well as log on and log off capabilities.
Once up and operating smoothly over the course of the next month, move to Phase II


Phase II

Create a new Virtual machine in the cloud data center and test going down the application list to include: BE Studio, EyeSuite and Optos. Each one of these could be performed as its own project and would have to be time & material based as we will not be sure of the time needed to configure these applications since we will have little to no support from the vendors.
As one application is configured in the cloud, we move to the next application.

One caveat to this whole proposal is that it would have to be setup in our datacenter for several reasons:

We charge for the hosting of the server and it also includes Managed Services.
We of course, as the designers of the solution, want ability to resell the services and reap the profits from the hosting and assume the liability of the hosting of these services.
We have the entire process streamlined on our hosting platform that makes it easier for us to maintain and manage. The time that we would quote on this project would be based on something we have done many times over and are comfortable with and know inside and out. We do not stray from our platform because it is what we know best. It would be like saying to you that we wanted you to perform an eye operation on a patient using new equipment for the first time with no training.
Just as an added extra bonus, our hosting platform that we use on the back end has been awarded many awards and has a 99.9% uptime:"


Opinions about the plan?  

1)  What brick server options would you recommend?  We are only storing databases from various medical equipment and networking 20-30 workstations/devices.  We use GSuite for all other functions.  We are also moving towards ChromeOS devices for basic workstations.  Please ask any questions about our needs.  

2)  I understand that Datto is the "gold standard" for backup and restore.  I also like the idea of being able to run off the Datto if the server crashed.  Opinions?  Is there a cheaper option (i.e., ShadowProtect + hybrid device) that would do the same thing, particularly since this would be an interim device until we are fully cloud based?


Thank you for any input!
Asked by: hiloguy
Allen Falcon, CEO & Pragmatic Evangelist, commented:
I think you are asking the wrong questions.  You are assuming that the path your IT provider is recommending is best without considering the assumptions and the direction in which they are taking you.

A few comments:

  • They are proposing a temporary server that you may be using for only a few months. While they are suggesting a "brick", or cheap server, this is still a sunk cost.
  • Datto is a great backup and continuity solution that includes an appliance (or a VM you set up).  Once you move off of your on-premise servers, you no longer need the appliance (you may keep the service for historical access for a period of time).  Depending on which device you use, this is a significant sunk cost.  We would recommend an offsite/cloud backup/recovery service with a smaller footprint, provided it can perform bare metal restores. These services often have contingency run options that, while not as automated/quick as Datto, do provide good service levels.
  • If you are moving full cloud and heading towards Chrome devices, Active Directory becomes less relevant. You have alternatives for identity and user management, including solutions that control access to devices on the network and off-net.
  • I could not easily find info on BE Studio, but EyeSuite and Optos are both systems that grab images off equipment and provide some editing functions. I would contact both vendors and discuss moving the server off-site and the impact that may have on their systems. Image editing may not be ideal via a remote desktop environment if the system is not web-based already. Your IT provider is assuming that they will run properly with remote servers, which may not be the case.
  • The IT vendor is pitching their own data center with 99.9% reliability. Note that this is 10x less reliable than 99.99% and 100x less reliable than 99.999%.  In addition, using a vendor's "Private" data center locks you into that vendor. If you ever decide to switch vendors, moving can end up being a logistical, and legal, mess. Deploying in Azure, Google Cloud Platform or another reliable public cloud, you can switch resellers without changing your infrastructure or moving your systems.
  • From the apps, I assume you are a medical practice.  The proposal says nothing about maintaining/ensuring HIPAA compliance. As they are steering you to their private data center, do they have a BAA? Have they been through a successful HIPAA audit for other clients?  Microsoft Azure, for example, is HIPAA certified infrastructure.
  • What is the timing? If your apps will run well on cloud-based servers using remote desktop/VDI or web access from Chrome devices and PCs, then this move can be made without a long drawn out process. You may be able to image the server "as is" into a cloud environment, although a clean build of the server is the better long term solution.  IMHO, architecture/planning is 2-3 weeks as you need to confirm information with your application vendors and coordinate with them for support, if needed. Building the server and testing is 2-3 weeks. Migration and cut-over can happen over a weekend.

You can have a contingency in place for your current server within days/week. IF your applications support the move, you can go "full cloud" within 6 to 10 weeks and without spending money on hardware that will no longer be needed within months. I suggest you explore other strategies and solutions.
Allen Falcon, CEO & Pragmatic Evangelist, commented:
Upon a bit more investigation ... It looks like EyeSuite does not care where the server is, that it works with a PC connected to the device. The software feeds the images and data into your EMR.

Also, if you are using G Suite, do you have the tools in place to ensure your use of Drive and Gmail are HIPAA-compliant?
David Johnson, CD, MVP, Owner, commented:
hiloguy (Author) commented:
Thank you all.  A few comments/questions (bold) below in regards to responses (italic):

1)  They are proposing a temporary server that you may be using for only a few months. While they are suggesting a "brick", or cheap server, this is still a sunk cost.

I agree this is a sunk cost, however there are two reasons for this (I think).  The first is that we are using SBS 2011 Essentials and per our IT it does not support multiple databases.  Thus, some of our databases are on a NAS, some are on the equipment workstations, some on the server.  Our IT states that even though our current server does currently have multiple databases, they will not add additional as this would invalidate Microsoft support.  They also state that they cannot create VMs to support the individual databases.

We are not 100% certain ALL equipment software can function in the cloud environment.  

We are only considering this brick server in the interim as our current server is 6+ years old.  My current goal is to ensure we have proper backup in event of server crash.

Any input on best plan to achieve this goal, while considering future cloud move?  Does our existing server need to be replaced?


Datto is a great backup and continuity solution that includes an appliance (or a VM you set up).  Once you move off of your on-premise servers, you no longer need the appliance (you may keep the service for historical access for a period of time).  Depending on which device you use, this is a significant sunk cost.  We would recommend an offsite/cloud backup/recovery service with a smaller footprint, provided it can perform bare metal restores. These services often have contingency run options that, while not as automated/quick as Datto, do provide good service levels.

Currently we are only backing up to an internal HD.

I agree again that Datto is a sunk cost.  Do you have recommendations for a better option?  How about ShadowProtect?


If you are moving full cloud and heading towards Chrome devices, Active Directory becomes less relevant. You have alternatives for identity and user management, including solutions that control access to devices on the network and off-net.

Unfortunately, we will always (I think) need Windows based workstations since the proprietary equipment software often has viewing stations that must be installed to view data.  We've only implemented Chromeboxes to access our web based EMR and GSuite as well as to cloud scan and cloud print.


I could not easily find info on BE Studio, but EyeSuite and Optos are both systems that grab images off equipment and provide some editing functions. I would contact both vendors and discuss moving the server off-site and the impact that may have on their systems. Image editing may not be ideal via a remote desktop environment if the system is not web-based already. Your IT provider is assuming that they will run properly with remote servers, which may not be the case.

Yes, this is definitely one of the issues with moving to a cloud environment.

The IT vendor is pitching their own data center with 99.9% reliability. Note that this is 10x less reliable than 99.99% and 100x less reliable than 99.999%.  In addition, using a vendor's "Private" data center locks you into that vendor. If you ever decide to switch vendors, moving can end up being a logistical, and legal, mess. Deploying in Azure, Google Cloud Platform or another reliable public cloud, you can switch resellers without changing your infrastructure or moving your systems.

Agree.  I'm not a fan of being locked into their data center.  They were very adamant against Google Cloud or Azure.  

From the apps, I assume you are a medical practice.  The proposal says nothing about maintaining/ensuring HIPAA compliance. As they are steering you to their private data center, do they have a BAA? Have they been through a successful HIPAA audit for other clients?  Microsoft Azure, for example, is HIPAA certified infrastructure.

Good question.  If they are not open to public cloud, I will not proceed with them.

What is the timing? If your apps will run well on cloud-based servers using remote desktop/VDI or web access from Chrome devices and PCs, then this move can be made without a long drawn out process. You may be able to image the server "as is" into a cloud environment, although a clean build of the server is the better long term solution.  IMHO, architecture/planning is 2-3 weeks as you need to confirm information with your application vendors and coordinate with them for support, if needed. Building the server and testing is 2-3 weeks. Migration and cut-over can happen over a weekend.


As discussed, I think the key issue is determining if the apps will run well in the cloud.  Aside from moving and testing each individual app, do you have any recommendations for doing this?

My more immediate / urgent need I feel is establishing a backup and continuity solution.

Thank you for the insight!
Allen Falcon, CEO & Pragmatic Evangelist, commented:
Your issues with support for your SBS Essentials are not just related to having multiple databases on your system.  Mainstream support for the components ended in January 2015.  You are only receiving security updates through 1/14/2020.

Depending on the amount of data you have on the server and the NAS, we have a few backup services we would consider that we can run on a month-to-month basis.  The better solution is our offering based on eVault.  It is a software agent and can support bare metal restores.

You would not want to build a VM replica of your existing server.  

From the additional information, I understand that the Windows machines run the equipment and capture the data.  They connect and save the data in the databases via the software from EyeSuite and Optos.  (Do these integrate with your EMR?).   You have 1 database on the server and others (1 or more) on a NAS.

The question is, can you have the devices and workstations local, connecting to a server or storage elsewhere.  A Windows server in Azure or GCP that is connected by secure VPN is not much different than connecting to a server in an office across town.

I'd be happy to chat about backup/continuity options in more detail.

My recommended next step is to get on the phone with your software vendors and have a discussion about what they do and do not support with respect to server, software, and database location.

On a side note, how is your Internet access speed?  And, is it symmetrical -- same speed up and down?
hiloguy (Author) commented:
Thank you all.  A few comments/questions (bold) below in regards to responses (italic):

You would not want to build a VM replica of your existing server.  

Unsure if we are communicating on the same topic:  Per our IT "The host server will be broken down into an installed individual VM (Virtual Machine) for all of your databases "

Any problems with VM for each database?

From the additional information, I understand that the Windows machines run the equipment and capture the data.  They connect and save the data in the databases via the software from EyeSuite and Optos.  (Do these integrate with your EMR?).   You have 1 database on the server and others (1 or more) on a NAS.

The question is, can you have the devices and workstations local, connecting to a server or storage elsewhere.  A Windows server in Azure or GCP that is connected by secure VPN is not much different than connecting to a server in an office across town.

Key question that I don't have an answer to, nor does our current IT.

I'd be happy to chat about backup/continuity options in more detail.

Can we continue this topic?  I would like to know best options in my situation.


My recommended next step is to get on the phone with your software vendors and have a discussion about what they do and do not support with respect to server, software, and database location.

Agree and need to find IT that can do this for me and ask the key questions.

On a side note, how is your Internet access speed?  And, is it symmetrical -- same speed up and down?


Approximately 118 down, 9 up.  Is this acceptable in your opinion for cloud server?  Note:  We need to view images (I don't know the sizes).

Thank you for the insight!
Allen Falcon, CEO & Pragmatic Evangelist, commented:
With respect to VMs, I am not sure you are going to need separate VMs for each application/database. You may be able to use a single VM, or a SQL Server instance, running multiple databases at a lower cost.

Backup/continuity options: feel free to contact me directly. Our website is in my profile; you can grab my email address from there.

I would be happy to assist in a conversation with each of your app vendors.

Bandwidth:  A 118/9 circuit is not great for moving to a cloud server.  While you are viewing images, you are also saving them up to the server. A symmetrical service is a much better solution. Given your user/device count, I'd recommend 50 or 75 Mbps as a minimum.