Quit checking the audit “check box”!

April 25th, 2016 at 10:12 PM  No Comments

I am fortunate in my new role to have a lot of freedom.  There wasn’t a lot of structure in place when I started so I can mold the IT policies as I see fit.  This has been a blessing, and a curse as I try and navigate the standard IT policies that I have been pushed to enforce in my previous roles.  Back then people would ask me why we need to change passwords so often.  “Because it keeps us secure, and the company policy says so” would be my response.  I never stopped and asked myself why things like this were put in place, and ultimately, does it really keep us secure?

Lets break down the common rule sets that have been the cornerstone of just about every password policy put in place.

8 Character Minimum Passwords

This has been common practice for quite a long time but I don’t think this requirement has kept up with the times.  Is 8 character passwords really enough?  Having passwords that are at least 8 characters will check the box when the auditor comes around but is that what we really should be focused on?  Why aren’t we trying to push people to longer (simpler, easier to remember, more secure)  passphrases?

Complexity Requirements

Everything from special characters, to numbers, to upper or lower case digits fall under password complexity.  And with an 8 character password, I think they are necessary.  If we start pushing people to phrases, and spend a little time educating people on choosing a simple secure password, why do they need to be enforced?

Password Expiration

This along with Length I believe are the two most used “Audit Check” boxes that are out there.  This setting is the amount of time a user can have their password before the system forces them to choose a new password.  The standard just about everywhere is 90 days.  Most users who feel their password is a burden and hard to come up with will write down their password on a sticky note, leave it under their keyboard (or worse, attached to their monitor) and it will take them 30+ days to remember it without looking (just because we always have to look to “Double Check”) and then 30 or so days later the dreaded password expiration countdown starts.  Personally I think I do a good job at password management, but 90 days still annoys the hell out of me.  If you are in IT and you are reading this thinking “WAAAAHHHH you need to change your password every 3 months” take the “Password never expires” check box off your account for 6 months, and I have a feeling your thought process may change.

Enough ranting about it, but why do we need to change it every 90 freaking days?  How is this going to keep me secure?  This only helps if your password db gets stolen, and with our 8 character limit above and our modern hardware, it doesn’t matter if you change your password every 30 days, you are screwed.  According to this article (I didn’t fact check) 90% of 8 character “complex” passwords are cracked in seconds in this case.

Password History

This setting usually sets the number of times you need to create a new password, before you can use the old one again.  I don’t understand why this is even an option to leave off if you are setting your passwords to expire after a specific amount of time.  If I make my users change their passwords (no matter the interval) shouldn’t I require that each password is unique?  If I don’t, they fall into a pattern.  IE:  I set my first password to Penelope!1 for Q1, Penelope !2 for Q2, and so on.

We need to stop trying to “check the audit checkbox” and start looking at the business requirements, and designing our password policy around those.  In my opinion, these items should be key for building a good password policy.

  • End user education is paramount.  Show them how easy it is to create a longer passphrase and give them benefit to doing so.
  • 8 Character limits with forced complexity is not enough, try and push people to 15+ character passphrases.
  • Don’t just set password expiration to 90 days, depending on your other requirements (length, complexity, etc.) push it out to 6 months.  I think you will find far less sticky notes under keyboards!
  • One size does not fit all.  Look at a solution like Specops Password Policy and give your end users options.  They want a 8 character password, fine.  It needs to be complex and you are changing it every 30 days.  You have a 20 character passphrase, your password doesn’t expire for a whole year.

Lastly, don’t be lazy.  If your users have a 90 day password reset requirement being in IT you should have AT LEAST the same.  Get out and talk to the people who need to follow this policy and figure out what their feelings are.  Find out what bad security practices they do, and figure out how to solve that issue for them.  I think you will get a lot more out of it instead of just reviewing your audit checklist.

Lenovo: What have you done?

June 16th, 2015 at 11:17 PM  No Comments

I have been a die hard Thinkpad fan since I got my hands on a Lenovo Thinkpad X200t Tablet back 7+ years ago.  Since then I have had a number of different Lenovo “THINK” devices:  ThinkCentre A70z, ThinkPad T420, Thinkpad Tablet 2,  Thinkpad T440s and now the Thinkpad X1 Carbon (3rd Gen).  There was TONS of posts after IBM sold their PC division to Lenovo claiming doom and gloom for the Think line.  After retiring my x200 for the T420, I had no worries.  The T420 was rock solid, a brick but was built like a Thinkpad should be built.  I never had any issues with that Laptop, it never let me down.  When I purchased the Thinkpad Tablet 2, I noticed some items that were not huge faults, but small attention to detail items.  I was ecstatic about the design of the T440s, and ordered it before it was ready to ship, but this is when it really went south.

After using the T440s for 18 months here are my thoughts…

  • They switched to a new style dock with the T440s and newer.  I have the Ultra version and it has issues resuming monitors from sleep.
  • I really tried to like the new buttonless touchpad, but I couldn’t.  I have always been a “nub” guy, and the new touch buttons make it impossible.
  • Serviceability is a pain in the ass.
  • The space bar doesn’t always register when it is pressed (I am a “beater” so I know it is getting pressed.

Lenovo saw there error in their ways and brought back physical buttons for us nub users in the next iteration, and so I went for a 3rd Gen X1 Carbon.  I have only had it for a couple of days but I think it may be going back.

  • Even though I have a OneLink Dock, instead of the Ultra, the sleep problem still occurs with my DisplayPort monitor.
  • It also randomly has a hard time coming out of sleep.  In the last week I had to press and hold the power button to get the machine to come on after sleeping.
  • Until Microsoft fixes their DPI issues with multiple monitors, 2560×1440 on a 14″ screen is wayyy too small.

Bottom Line:

Lenovo needed to make changes in the ThinkCentre line to keep up but these issues are problems I can’t overlook.  I love the design of the new Thinkpads, but they lack what made Thinkpad’s great, being rock solid.  Would the ThinkPad line have the same issues if they were still owned by IBM?  Nobody can answer that but if they don’t get a handle on this soon, I see a dark future for the company when it comes to the enterprise.

HP’s SQL Server Appliance for Big Data

May 7th, 2013 at 9:00 AM  No Comments

Big Data.  It has been around for some time but like “Cloud” I think it is the next big buzz word C-series exec’s will be asking their people if they have it, but not understanding why they want it.  HP, partnered with Microsoft, recently released the second iteration of a SQL Server appliance.  They call it the HP AppSystem for Microsoft SQL Server.  I recently was invited to a virtual briefing about their second version based on Microsoft SQL Server 2012.

Why would anyone want to buy a appliance instead of just buying the hardware and then installing SQL Server 2012 you ask?  From my understanding traditional SQL wasn’t built to handle the workload or storage requirements and more importantly buying a PDW Appliance you get one stop shop for support.  Once you call Microsoft for a support issue there is no passing the buck to the hardware manufacturer.  They may need to transfer you to HP but there should be no finger pointing on who is to blame.

HP isn’t the only partner Microsoft has, but with features like a modified version of Smart Update Manager and Insight Online not to mention their world class hardware, I believe HP has a leg up on their competition.

11 weeks, 1000 computers and Windows 7

April 11th, 2013 at 7:51 AM  No Comments


I moved back to Colorado and took over two call center sites in September. Just as a little background I work for a outsourcing company that manages call centers for other companies (amongst many other things).  It provides some IT challenges since we use the customers software on our machines alongside our internal software to run the business.

I received notice a few months after I took over these sites that our client wanted all of our desktop machines upgraded from Windows XP to Windows 7 by “April 15th” (we will get to the quotation marks later).  Half way kidding I told my boss we would get it done in 60 days.  I thought the 90 days that we were given was more than enough time even running as lean as we do, with two desktop technicians supporting a site of over 1000 desktops.  I had built XP images and rolled it out to 800 machines in less than 60 days.  90 days for Windows 7 should be a piece of cake.  I was in for a big surprise.

First 30 Days

The first 30 days consisted of upgrading the 3 domain controllers from Windows Server 2003 R2, to Windows Server 2008 R2.  We also built a new WDS server since our old WDS server was also still running Windows Server 2003 R2 and built the base image and did internal testing.  We built new group policies and WMI filters to make sure these new policies only affected the new machines.  Everything was smooth sailing.  I sent my boss a status email outlining our plan of completion by “April 15th”

Week 5 and 6

Over the next week we rolled it out to about 5% of the first two business unit groups (about 30 desks) and made a few small tweaks to the GPO’s and the image.  The next week we rolled it out to the remaining machines in those two groups, and like that we were sitting at over 60% of our machines completed.  Proud of our status and since we met the goal I set for the first two business groups I sent an update to my boss reassuring him we were on track for the “April 15th” deadline.

Week 7 and 8

After completing the first two business groups, we had to slightly modify the group policies for the next two business groups.  Luckily we didn’t have to modify the image at all so it went pretty quickly.  We took the two weeks we had slated for these last two groups (around 100 machines) and made sure it was done right.  We also pushed it to another 140 training machines.  Again I sent my boss an email with our status and reassuring him of the “April 15th” deadline.  This time I got an email back that we needed to get it done by April 7th.  When I asked my boss why it changed he told me the date had always been April 7th, and he wondered why I kept forecasting completion for the 15th.  I am not sure where I got the 15th from or why he didn’t mention it before now but hey, 1 week won’t make THAT much different, right?

The final 3 weeks

The final 3 weeks we had the least amount of machines to deploy but we had to modify the base image with additional software and when we rolled it out we also had to use Symantec PGP WDE (I hate this software) to fully encrypt the station.  This adds about 3.5 hours to each machine setup time.  We got the image modified in week 9, rolled it out to a test group half way through week 10 and then finished rolling it out to the support team, supervisors and managers in week 11 and finished with 12 hours to spare on April 7th.  Everything was good (so we thought).

The Aftermath

It has only been a few days since we completed.  After the roll out we received some strange reports from everything from corrupt OST files, corrupt Office installs to programs stating they were not valid Windows applications.  None of which that were reported in our extremely short 5 day “soak period”.  It appears the problems were caused by how we encrypted the stations and PGP wasn’t happy with it.  To get up and running in time we had to log in as an administrator, install PGP, start the encryption process and use Windows Fast User Switching to Switch User and allow the users to immediately start using the machine.  We are still troubleshooting and testing but we believe that was the cause.


There are a few things I learned throughout this process.  It was a good experience and I know next time I will do a few things different.

  1. When you are faced with a roll out of this size, take your firstestimate of time and double it just to be safe.
  2. Make sure you always let the image “soak” for a minimum of a week (two would be better) with a test group before you start the roll out.
  3. During the soak period make sure you restart the soak timer anytime you make a change.
  4. Think through the roll out and make sure you setup the machine to soak exactly how you will deploy it to the floor.  There should be no variation.
  5. Make sure you get your boss to respond to any deployment plans that have to do with time frames.  Silence is not golden.

Finally, I got my Lenovo Thinkpad Tablet 2!

February 4th, 2013 at 7:00 AM  No Comments

thinkpad-tablet-2-verticalMy company has been trialing tablet solutions for the last year.  They have tried out iPad’s and Nexus 7’s at other sites with limited success.  The basic web apps work fine and the users can send/receive email on them, but none of our native apps work and some of the more complex web apps don’t work properly.  I knew that until we got a full Windows based tablet they would not be useful for our management staff.  I was very excited when my boss gave me the approval to order a Lenovo Thinkpad Tablet 2 back in October.  I patiently waited week by week receiving accessories and emailing my sales rep checking on the status.  Toward the end of December I was beginning to wonder if it was every going to show.  I almost gave up in January when I received a tracking number in my email.  It was finally shipped.

When the box arrived I was surprised how small it was.  I thought they somehow made a mistake and sent another accessory.  Upon opening, I found I was wrong.  The tablet was much smaller and lighter then I expected.  Compared to my year old HP Touchpad it is like a cell phone.  I couldn’t believe that this small form factor was a full blown Windows PC!  Keep with me as I go through the Tablet 2 and provide some pictures.  Fore warning, these pictures are taken from my phone and I am not a photographer by any means.


This was my biggest question when I was pushing for the tablet.  Could this little 1.8 Ghz Z2760 Atom SoC processor handle the day to day tasks and completely replace someone’s desktop machine?  For the Average user, I think it could.  Using the dock, I was also able to plug in a second monitor via HDMI and it pushed the 10.1 touchscreen along with the 23″ 1080P external monster sitting next to it.  During the last few weeks using it on and off I never ran into any problems with shuddering or lag.  I didn’t throw a lot at it, but I left my laptop at my desk and had no issues using it as my main machine away from the office.  Could it replace all my machines?  Absolutely not.  Could it replace my laptop as my main portable machine?  Absolutely.

Hardware and Design

First look the tablet looks amazing.  When you start looking closer you start to see some flaws.  It does not have the Thinkpad build quality that Lenovo is famous for.  The corner of the 10.1 inch Gorilla Glass “creaks” when pressed, and pops out past the bezel once in a while.  The camera on the front seems also off center.  They added a FCC sticker on the back as well as a sticker that says “Not Encrypted”.  The sticker with the serial and the type code placed under the SD Card flap is protruding out the top.  Mostly minor issues, but problems that screams “I was thrown together and pushed out the door”.  I am guessing they didn’t want to delay shipping any longer then they already did, but I would much rather have seen these issues worked out and wait another couple of weeks to receive the tablet.

There are few expansion ports and buttons on the Tablet 2, but I am very happy for the ones they included.  Starting on the top right you will find a small power button, moving to the middle there is a door that opens up to a Micro SD slot as well as a SIM card for AT&T 3G/4G connectivity and all the way to the left is the pen for digitizer input.  On the left side of the tablet you will find a full sized USB port (something I will rarely use, but absolutely needed) and a Micro USB slot for charging.  Yes, you heard that right, a standard Micro USB port for charging.  On the right side you will find a headphone jack, volume up and down ports as well as a Auto Rotate on/off button.  I find myself accidently hitting that button quite often.  On the bottom you will see the standard dock port, and a Mini HDMI port.

With a little more attention to detail I think this could be a very good design for a tablet.


I am still not sold on some of the “enhancements” Microsoft has put in place inside of Windows 8, even on a touch screen tablet.  It is MUCH more touch friendly then their previous OS’s but not as much as it needs to be.  I am still not a fan of full screen applications and I am not sure if I ever will be.  One thing that surprised me is a lot of the famous Thinkpad software was missing.  There was a few Lenovo programs but the software suite they are famous for is missing.  I also experienced frequent lock ups that started the first weekend I received the device with just the default software stack.  I don’t think this is a performance related problem but rather a software or driver issue.  Hopefully Lenovo can find a quick fix for this problem and get it pushed out.

I could not get the Cisco VPN Client to function properly (ShreSoft VPN works fine) and Symantec Whole Disk PGP Encryption is not yet compatible with UEFI or Windows 8.  If I wouldn’t have experienced issues with the Tablet 2 freezing, these two programs not functioning would have delayed the rollout.  No matter which of the CloverTrail Atom devices you pick, these issues will follow because they appear to be limitations with Windows 8 (x86 more then x64).

Battery Life and Portability

With light use I was able to get almost the 10 hours of Battery life Lenovo claims the Tablet 2 can get.  Each user will have different experiences, but even streaming HD video I still got close to 8 hours.  It charges from a Micro USB port at the bottom left hand side of the tablet.  The charge is a 2A charger (same as the HP Touchpad charger).  In my experience any Micro USB charger will work with this device but as most of the Micro USB charges are only rated as 1A, it may take longer to charge with the Micro USB chargers you have laying around the house.  At only 10 inches long, 6 inches tall and less then a half an inch think the Tablet 2 will go anywhere you want it to.  I was able to fit it inside of my already crammed 14″ laptop bag with ease.

Final Thoughts

The Lenovo Thinkpad Tablet 2 is a awesome companion device for power users and could be a complete desktop/laptop replacement for the normal office user.  I am disappointed about the design flaws I have mentioned as I am used to a top notch machine when I see the brand of Thinkpad or ThinkCentre.  Overall I have enjoyed working with the Lenovo Thinkpad Tablet 2 and I think it has found a spot in my laptop bag for now. With the problems I brought up (especially with it freezing) it will stay as a secondary device to my laptop and will not make it to prime time for our Management team.  However, I may look at upgrading from my Thinkpad T420 to a T520, since I can always break out the “T2” if I need more portability.

HP Printing, who knew?

November 13th, 2012 at 4:37 PM  No Comments

In late October, I was invited to a HP Tech Day that focused on printers.  In the past, these events have been great, but they were around more (at least to me) exciting technologies, like servers or storage.  With the way my schedule has been (I moved back to Colorado in August to take a new position with more responsibilities), I almost passed up the opportunity, but I am glad I didn’t.

Inkjet, or Laser?

I have always been a Laser person.  I have a small Brother Laser printer at home, and I used it for almost 3 years without needing to replace the toner.  If I would have purchased a comparable Inkjet printer, I would have been replacing the ink cartridges every 3 months.  HP’s OfficeJet Pro X, being released in the 1H of 2013, may change my views when it comes to ink, instead of toner.  This beast can print up to 70 color pages per minute!  The black cartridge can handle 9,000 prints before it needs to be replaced.  Color costs almost half of what a traditional color laser does, and black costs a tad bit less.

She is pretty!

LaserJet Testing

I had no idea what all went in to bringing a new Laserjet printer to market.  They not only stress test them, but since they are shipped all over the world they also test them under different temperatures and humidity levels.  Since different paper reacts differently in different printers, they also test over 200 types of makes/models of paper through every printer.  These types of tests do not come cheap, 1 million a year just for the paper alone!

Look at all that paper

I will be elaborating on these items further, as well as on Quality HP Toner, how they are helping their clients be more efficient and the Digital Oasis lounge.

Disclaimer:  HP invited me to the Printing Tech Day and paid for all accommodations while I was there.  I received some swag including a HP backpack and a Notebook but I was not required to blog anything good or bad about this trip.  My opinions are my own and cannot be bought.

Interop 2012

June 4th, 2012 at 4:10 PM  No Comments

Back in the day the Consumer Electronics Show was the one event that I made sure I made it to every year.  I love Vegas and a week of geeking out + Vegas was something I could not pass up.  I think part of it was growing up, but spending 7 – 10 days in Vegas and the humungo CES show drug on me.  I stopped going to CES but found my new favorite conference was Interop.  Three days in Vegas, a much smaller show floor and the type of tech shown is what sets it apart for me.  I was planning on going to Interop 2012 when I got invited by HP to the Gen 8 Tech Tour.  The Tech Tour took up two of my planned days but they graciously offered to send me to the Interop show as well.

Dreamworks and HP

After the Keynote on Wednesday morning some of the bloggers (and even a few from press) got to spend some time with Bethany Mayer, SVP and General Manager of HP Networking and Derek Chan , SVP, Operations; Head of AT Global Operations at DreamWorks Animation.  Derek spoke about the strong partnership that Dreamworks and HP have had in the past.  They have collaborated on many different projects over the years, and really gave back to their industry.  Dreamworks collaborated with HP to build the first LCD that could replace the contrast quality and the black levels of the high end CRT’s they were using.  They worked with HP to build Halo, the only fully global, fully managed end to end solution (having participated in a Halo teleconference at a HP Tech Day I have to say it is an awesome  technology).  It only makes sense that when they are looking to replace their network, they check out HP as well.  They have replaced their entire network infrastructure with HP gear and haven’t looked back.

HP Wireless Networks

As the BYOD fad get larger, wireless becomes more important to the enterprise and HP is no slouch when it comes to wireless.  There were a number of devices on display at Interop 2012 ranging from a rugged waterproof access point up to a device that replaces a network jack to give you 4 ethernet ports and wireless connectivity up to 400 square feet.

108+ million packets per second and 74 Gbps traffic

The HP Booth and the Interop show floor was very loud, but as you moved toward the back of the booth it got louder.  That is where we ran into Sam Rastogi, Global Product Marketing Manager, HP with his monstor of a router, the HP 6600 and a rack full of Spirent gear.  The Spirent test setup was simulating 74Gbps traffic and 108+ million packets per second!  For more info on the setup and how the HP Distributed Multi-core arcitecture kicks ass visit Sam’s blog post


There was some questionable decisions brought up this last year with HP’s previous management that left me and a lot of other people uneasy.  If they continue innovating like I am seeing in both the network space and the server space and keep the right dedicated, passionate employees like the ones I met on the trip I think HP is on the right path.

There was a lot more information shared about HP’s announcements on their partnership with F5, DVPN and their new 10500 campus switches that I haven’t been able to get into here (I am way over my 500 word limit) but after HP Discover expect many more in depth posts on this and other technologies from HP.

Back in Las Vegas for HP Discover 2012

May 27th, 2012 at 9:39 PM  1 Comment

I will be back in Las Vegas for HP Discover this year.  The conference runs June 4th – 7th and I am really excited to jump in and get more information about the direction HP is going, especially when it comes to networking.  I went to InterOP a few weeks ago to learn more about HP Networking post the 3Com merger, but I didn’t get to spend as much time as I would have liked to learning about their new developments.  Since I was in Houston learning about HP Gen8 Servers I arrived Tuesday late evening so I missed the first full day of the show.

I last attended HP Discover (then called HP Tech Forum) back in 2010 and it was an awesome event.  This years show will features keynotes by IT thought leaders, the HP Discover Zone (what HP calls the expo floor), and 800+ business and technical sessions.

  • Go in-depth on Nonstop, HP-UX, OpenVMS, Storage. There will be 25+ Hands-on Labs available at the conference. Labs are longer than regular breakouts, so you have time to dive into the details.
  • See the complete ecosystem of HP and partner solutions for enterprise business, all in one place at the same time.
  • Get 5 free certification exams worth $875.

If you haven’t already signed up for HP Discover your time is running short.  It is one week from Monday!  I have been given the opportunity to extend a $300 discount if you use the promotion code “BLOG“.  Along with this discount, I also get entered into a contest to win a free trip to any HP event, as well as a couple of laptops.  So, if you sign up, not only do you get to go to HP Discover and hang out with cool people like me, but most importantly, you will also be helping me win a trip to another HP event!

All joking aside,  I hope to see you there.  I will be covering the event live via twitter and posting about what i find interesting.

:Shakes Fist at Citrix:

May 27th, 2012 at 2:59 PM  No Comments

It never fails.  Nice long relaxing weekend planned and what do I get?  Calls from users at work because of problems.  One of the problems was related to a change we made Friday afternoon (shame on us) but I was able to resolve that one remotely after 15 minutes of work.  The other one, was a bit more difficult.

The users were complaining about slowness with Internet Explorer.  First thought, of course, is problems with the T’s we have for Internet, but I was remoted in on those same lines and Solarwinds wasn’t reporting anything.  I thought back to anything we did recently but nothing stuck out.  IE8 was rolled out the beginning of April, patches were done the end of April, we upgraded Citrix to the newest “receiver” version two weeks ago and we just rolled out a new network drive using a GPO on Friday (I ruled this out as it was a simple batch file).  Since the problem was sporadic and because I was losing my guinea pigs since it was 9:00 PM and closing time I made a midnight run into the office.

After spending a couple hours looking into everything and loading up IE with no Addon’s (I LOVE this feature) I figured out it was an addon causing the issue.  I started going through and disabling one at a time until I got to a new one I hadn’t seen before, “CtxIEInterceptorBHO Class”.  Disable that one, BAM, IE is back to normal.  After doing some research on the web I found out that this is a new control Citrix put in the new Receiver install BUT it doesn’t do anything, yet.  I also found this post of someone else having the same issue.

Now, I am unsure why it took two weeks after we rolled the client out to pop up, or why it picked only a certain group of users to harass.  I also don’t understand why Citrix would add this in to their software if it does absolutely nothing. I am the type of person who loves to be on the edge of technology.  I deal with Android issues all the time because I am running Cyanogenmod on my Nexus S 4G, but that is MY choice and I do so knowing the risks.  I would not do the same with my users when problems like this not only ruin a good part of my long weekend, but also lowers productivity which turns into a loss of revenue.

I realize that bugs happen in all software, but this seems like a big miss.  Why would anyone include something that serves absolutely no purpose (yet) in your “stable” software download?

Cable Management fun with a Cisco 6509

May 23rd, 2012 at 11:35 AM  No Comments

Every company in my IT career I have walked into a jungle of cables with no documentation or labels.  I am starting to wonder if I will ever walk into a place where I don’t have to tear into everything and re-build from scratch.  I realize that IT staff is usually overworked, but there is no excuse for letting it get this out of hand.

I admit, in a fire I don’t always label/run everything the proper way, but I always make sure I go back (usually late hours of night/wee hours of the morning, I love my job!) and make sure it is done right.  I guess I should stop ranting and get back to the original subject of the post.  Afterall, those Lazy IT admins keep people like me out of the unemployment line.

Until my most recent position, I have never dealt with a large switch like the Cisco 6509 or 96 port patch panels (the maker of these patch panels, IMO, should be shot).  I am a big fan of what you can do with a good old fashioned 48 port switch, a Neatpatch and a 48 port patch panel.  I was stumped when I walked into the IDF for the first time and saw this.

It is Cousin It with a bad dye job!  You have to look close but you will find a Cisco 6509, 2x 96 port patch panels (other two are at the top) and 2x 24 Port Cisco 2970G switches.  I had no idea where to start, so I fired up Google.  The only thing that I could find for cable management for one of these beasts was the SMB-6509 from CE COM.  It looked great and had some awesome functionality. With no budget for the cleanup there was no way I was going to get approval for the $300 – $400 price tag and the other cable management I needed to finish the job (original estimate was around $2,000).  So I jumped on and started to look around.  I found some nice inexpensive items that looked like they would work for the IT guy with no budget.

Qty Description Cost (ea) Total
4 Black Box Cable Management D-Ring $2.00 $8.00
18 Siemon Cable Carriers $2.00 $36.00
4 Leviton 1U Cable Management Arm $35.00 $140.00
384 Belkin 3, 4 & 55 Foot Patch Cables $1.50 $576.00
Grand Total $760.00

I used the large Black Box Cable Rings for the top 96 port patch panels.  They held quite a bit of cable but they were a little flimsy.  I lined the Siemon Cable Carriers along the side of the Cisco 6509, one dedicated to each card.  If they were bigger, it would have helped tremendously.  I made sure I ran all of the copper from the right and just ran the power and the fiber (easily moveable) from the right.  This allows access without disconnecting any cables if I ever need to replace the fan card.  The 1U cable managers were used for the 48 port switches that have replaced the 4x 24 port switches at the bottom.

Enough about how I did it, here is the outcome.

I realize this isn’t the professional quality you were looking for.  I have some more velcro work to do and I need to add a couple more switches, but I don’t want to do any of that until we decide if this Cisco Catalyst 6500 series is staying in this IDF or being relocated.  At least it wasn’t a horror film like it started out as.  The CE COM Solution with a couple of neat patches would have been awesome, but not something that is in the cards right now.  For under $1,000 and many hours of work, I now have an area that is manageable, and documented.

For closing, I just want to leave you with one thought.  Just because you don’t get the solution you want (CE COM and Neatpatch in this situation) doesn’t mean you leave it broken.  With a little creativity, and lots of work you can make just about anything work.  Well, OK, maybe two thoughts.  Data running through 110 blocks?!


Older Posts »