Building an IT Infrastructure Today vs. 10 Years Ago

rjupstate sends an article comparing how an IT infrastructure would be built today compared to one built a decade ago. "Easily the biggest (and most expensive) task was connecting all the facilities together. Most of the residential facilities had just a couple of PCs in the staff office and one PC for clients to use. Larger programs that shared office space also shared a network resources and server space. There was, however, no connectivity between each site -- something my team resolved with a mix of solutions including site-to-site VPN. This made centralizing all other resources possible and it was the foundation for every other project that we took on. While you could argue this is still a core need today, there's also a compelling argument that it isn't. The residential facilities had very modest computing needs -- entering case notes, maintaining log books, documenting medication adherence, and reviewing or updating treatment plans. It's easy to contemplate these tasks being accomplished completely from a smartphone or tablet rather than a desktop PC." How has your approach (or your IT department's approach) changed in the past ten years?

Re:Not much difference

[mlts]

In 2003, Sarbanes-Oxley was passed, forcing companies to have to buy SANs just to stick E-mail for long term storage/archiving.

For the most part, things have been fairly static, except with new buzzwords and somewhat new concepts. A few things that have changed:

1: Converged SAN fabric. Rather than have a FC switch and a network switch, people are moving to FCoE or just going back to tried and true iSCSI which doesn't require one to fuss around with zoning and such.

2: Deduplication. We had VMs in '03, but now, whole infrastructures use that, so having disk images on a partition where only one image is stored and only diffs are stored for other machines saves a lot of space.

3: RAID 6 becomes necessary. I/O hasn't gone up as much as other things, so the time it takes to rebuild a blown disk is pretty big. So, RAID 6 becomes a must so degraded volumes rebuild.

4: People stop using tape and go with replication and more piles of hard disks for archiving. Loosely coupled SAN storage in a hot recovery center becomes a common practice to ensure SAN data is backed up... or at least accessible.

5: VMs use SAN snapshots for virus scanning. A rootkit can hide in memory, but any footprints on the disk will be found by the SAN controller running AV software and can be automatically rolled back.

6: We went from E-mailed Trojans, macro viruses, and attacks on firewalls and unprotected machines to having the Web browser being the main point of attack for malware intrusion. It has been stated on /. that ad servers have become instrumental in widespread infections.

7: The average desktop computer finally has separate user/admin access contexts. Before Vista, this was one and the same in Windows, allowing something to pwn a box quite easily.

8: The OS now has additional safeguards in place, be it SELinux, Window's Low security tokens, or otherwise. This way, something taking over a Web browser may not be able to seize a user's access context as easily.

9: BYOD has become an issue. Ten years ago, people fawned over RAZR-type devices and an IT person had a Bat Belt of devices, be it the digital camera, MP3 player, the PDA, the pager, the cellphone, and the Blackberry for messaging. Around -05, Windows Mobile merged all of this into one device, and '07 brought us the iPhone which made the masses desire one device, not a belt full.

10: Tablets went from embedded devices to on desktops and big media consumption items.

11: Music piracy was rampant, so one threat was people adding unexpected "functionality" to DMZ servers by having them run P2P functionality (AudioGalaxy, eMule, etc.)

12: We did not have to have a Windows activation infrastructure and fabric in place, where machines had to have some internal access to a KMS box to keep running. XP and Windows Server 2003 had volume editions which once handed a key would update and were happy for good.

13: UNIX sendmail was often used for mail before virtually everyone switched over wholesale to Exchange.

14: Hard disk encryption was fairly rare. You had to find a utility like SafeBoot or use loopback encrypted partitions on the Linux side for data protection. This was after the NGTCB/Palladium fiasco, so TPM chips were not mainstream.

15: One still bought discrete hardware for hosts, because VMs were present for devs, but not really "earned their bones" in production. So, you would see plenty of 2-3U racks with SCSI drives in them for drive arrays.

Things that have stayed the same, ironically enough:

1: Bandwidth on the WAN. The big changes came and went after initial offerings of cable and DSL. After that, bandwidth costs pretty much have not changed, except for more fees added.

2: Physical security. Other than the HID card and maybe the guard at the desk, data center physical security has not changed much. Some places might offer a fingerprint or iris scanner, but nothing new there that wasn't around in 2003. Only major di