Church IT Podcast Discussions Episode 20 December 6, 2007

Jason

Hey, welcome everybody to Episode 20, the one-year anniversary of the Church IT podcast. You may or may not have read on the blog, we’ve had over 5000 downloads of this thing, averaging 20 or so callers, not counting chat windows. Look forward to seeing what will happen in the future.

Couple of notes, the Sharepoint training opportunity, the pastor had said consultants are not allowed, but we modified that, consultants will get a whopping $1,000 discount off of how much it would normally cost. So go to my blog to get more information, basically $2500 for the week-long training. A huge discount to consultants, we’re trying to work out the registration for that.  Do you have anything else on that Jason?

Jason Lee

Right now we are waiting to see if Bill wants us to run the registration. The last email I had from him said they would probably need to run it, I expect to hopefully have an answer from Bill today, so we’ll probably have that registration info by tomorrow.

Jason

So if you know of Church IT Consultants that might want to take advantage of this, let them know.

Ok, today we’ve got Dean and a couple other guys from ACS Technologies and we’re gonna ask them to give us the behind-the-scenes of ACS as far as routers and switches and sans and storage and all that good stuff. So Dean, do you want to introduce who else is on the phone first?

Dean

Sure, we’ve got Josh Wise who was with me at the Roundtable in Kansas City, and also have one of [Time Stamp00:04:38] my other Senior Network Administrators James Munn (sp). James and Josh really keep this place running, they know the ins and out, they are here to answer your questions. I’m just here because you know me. 

Hello from James and Josh

Jason

What is your position Dean?

Dean

I’m the IT Director for ACS both on corporate side and on the client side, it’s my responsibility also to make sure all our website servers are up, and access servers are up, we do an on-demand system, anything that is hosted out of our Florence and Charlotte locations, I’m responsible for all the computers, technology, and so forth. James and Josh also split that fence, there are 25 people in IT here, 23 of them are on one side of the fence or the other, either on the client side or the corporate side, but the 3 of us work on both sides, depending on what the problem might be.

Jason

Tell them what ACS Technologies is.

Dean

ACS Technologies is a church management software and solutions provider. We work with churches of all sizes, we originally and for the vast of our history had desktop application products, just in the last 7 or 8 years really started moving everything over to the web front. We’ve got several thousand churches using our web products, and close to 45, 000 churches using our desktop products. We know about desktops and global policies and Internet connections and routers and firewalls, so it’s what we live for. We do it for the churches that don’t have IT staff, for the most part. We are here to support you.

Jason

What I’d like to do is to do an outside to inside look at the technology you use to make ACS run starting with you win connections and offsite data center. Maybe start there.

Dean

We [Time Stamp00:08:34] started out everything hosted from the web perspective we had put in a data center located in Atlanta, Ga. That was a great move for us but it was 5 hours away, it didn’t make sense for us to everything where we couldn’t get to it. So we began building the infrastructure in Florence to support it. Of course the first question from any church who understands the Internet, how many connections to the Internet do you have, what size are the connections, are they redundant, are they bound together to look like one [connection]. We had to build all that and the company we chose to help us do that was F5. It’s been a great solution for us, we are on our second instance of F5, we are getting ready to bring up new ones. We have two main Internet connections into our building, we had Time Warner who was our provider here locally bring us a dark fiber in so they can run up to 100 megabits per second into our building, and Bellsouth, who is now AT&T has another connection into our building, we are on a smart ring with them around the city, so we have 2 connections bound together. We were figuring up yesterday, I think we are running at 65 megabits right now combined. We had Time Warner bring us a second connection.

Josh/James

We had Time Warner because we had so much Internet traffic, we needed a dedicated connection to Internet, so we brought in another 20 meg.

Dean

And all that split out F5. The F5 handles which traffic goes down which connections. It’s a really sweet thing to monitor. Right now we are running a little over 13 megs per second in and out.  Today maximum [Time Stamp00:11:27] looks like around 50%. Could be 100s of megs of video or audio or stuff like that. We host all these websites so literally every church, contributions, online giving, things like that. We also have equipment running in Charlotte as well because we needed an offsite location.  That’s a little bit about our Internet connections. 

Jason

If anybody has a question, just hop it.

Sp

You mentioned live store? It is my understanding there is not a security solution for the data in transit to the live store server, correct? Is that a plain ftp transport to the live store server, that’s why we declined.

Dean

That’s right as of today, funny you mentioned that, literally the last 3 days we have been trouble-shooting our F5 units because the F5s are the reason the secure ftp traffic is not allowed, and we can’t find a solution, which is why we are deploying the new F5 solution to resolve that issue. The code is already in the client to turn on the secure ftp, just right now, our F5s don’t support it.

Jeremie

How many links do you have coming in through that F5 box?

Dean

From the Internet, we have 3 connections coming in. Different speeds.

Jeremie

Are you having good luck with that? What advantages do you get with that instead of just a router and some load-balancing?

James/Josh

Basically with the F5 device, we can take two diverse paths to the Internet and combined them so it’s gonna look like one. The F5 device is smart enough to say when you do a resolution, it’ll pick which path is the best and give you that path.  We have the roadrunner connection, if you try to make a connection into our system, when you ask the F5 which path to take, it will pick the one with the most bandwidth or however we set up the load-balancing ratio and it will [Time Stamp00:14:46] then give back the credentials or the IP addresses to come down the correct one.

Jeremie

So does that have to be the authoritative DNS for your whole system?

James/Josh

Not for your entire system, you can delegate just the pieces you want to delegate to the F5 unit and let it handle just the pieces you want to load-balance.

Dean

I know you guys are cost conscience so one of the things the F5 does for us is our Roadrunner bandwidth is a lot cheaper than our AT&T bandwidth. So I can call my Roadrunner rep and say, “move me from 20 by 20 to 30 by 30” and that may only cost $200 more a month, it would cost $6000 more a month. So we can ramp up on the Roadrunner side and give priority to the Roadrunner bandwidth but always have enough on the AT&T side to, if the Roadrunner were to completely fail, we know we’ve got enough to run. We could bring more connections in and have all the bandwidth at different rates. 

Jeremie

I think that answers what I was looking for.

Dean

We have multiple F5 units so we are in high availability mode at all times, things like that. It’s been a blessing to have these devices, they work well. You can may a lot of changes on the fly, doesn’t require a lot of reboot.  It’s solid equip.

The F5 acts as a firewall because you are only allowing certain ports down certain IP addresses.

James/Josh

Our firewalls are in front of the F5 devices, so we weed that out before we send any traffic to our load-balancing. That way we can kill anything potentially harmful before it gets in.

Sp

So you guys have firewalls in front of your load-balancing?

Dean

Yes.

Jeremie

How much would what you have cost?

Dean

Let’s just say I buy a house about every month. I don’t really know. We’ve probably spent $120,000 [Time Stamp00:18:26] just on F5s.

James/Josh

We also have the same set up in our hosting facility, everything we have here, we pretty much tried to duplicate there, up there we only have one hand-off from our ISP but it’s just there in case.

Jason

Are you using the exact same models of firewalls everywhere?

James/Josh

Core piece is exactly the same models. The reason, the tunnels play a lot nicer when you have like models.  Our corporate side piece is split off a little different and engineered a little different, so it does have a smaller class firewall, we’re not load-balancing that. 

Dean

We put a lot more energy into our client-facing stuff than we do our corporate because I can explain a little bit easier to my internal folks why their intranet is down than I can to a customer who is trying to make life happen. Firewalls sit in front of the F5, that’s news to me but that’s good. That’s why these guys are smarter than I am. Then of course we split the F5s off, we have a lot of VLANs running here so we can split hosted traffic off and we can split corporate traffic and we have the backbone VLAN as well where we push data across for back-ups.

Sp

How many VLANs?

Dean

About 30. We went down this path for a while where we put a VLAN in for every department, we’ve got 15 departments, support is one.

James/Josh

Our backbone, all our switches and everything communicate, all our firewall and infastructure runs across our backbone VLAN, we have the hosting, we run VoIP and it has it’s own VLAN so we can do quality of service.  We’re talking to you on a speaker phone over VoIP, running over all that traffic, network.

Sp

What’s the voice platform?

James/Josh

Avaya. We use Avaya switches for our corporate users and we use the Aspect switch [Time Stamp00:22:11] which is the high availability mission-critical switch for our call center. Aspect was something unknown to me when I first came on board, but it’s the switch Delta and American airlines use, it was a purchase out of our league, too expensive, but back in the late 90s the entire church management industry was suffering, we were all in the dark days, everybody trying to transition to windows, our president said we were going to improve that by fixing our customer service, we’re gonna make sure our customers can get to us when they need us and that we’ve got enough availability to grow, etc. We went out and spent a lot more money, probably $700,00, more than we could afford at the time and that’s been a great switch for us. It’s been in operation 8 year and has not had one minute of unscheduled downtown. It still runs on Windows NT 4, so a little outdated. Come in, we’ll show you the switch.

Jason

What client phones are you running?

Dean

I just got a new phone, one of those 4621 SW, got a backlight, the Avaya is running a 4620 or 4610. We run a hybrid system on our telecom, the main reason is because when we put this system in we did not have the budget to go back and re-cable our existing buildings so we had to run copper for that building and VoIP for our new technology building.

I don’t know if any of you have ever been here other than Tony Dye, Trace has been here, if you’re ever coming down I-95, we’re at the intersection of I-95 and I-20, you’re more than welcome to stop in for a tour, we’ll show you around, let you see all this stuff.

Jason Lee came here but he didn’t have a blog then.

What else you want to hear?

Jason

What kind of switching gear are you running?

Dean

For the most part, everything is HP that has been replaced in the last couple years. James came in [Time Stamp00:26:19] to my office one time and said we could renew our Foundry switches, $16,000 worth of renewals just for support, or he said we could go ahead and buy four new HP with lifetime warranty, so he did the math and the research and it made sense to replace them all.

Jason

Are you sending your guys to HP training?

Dean

No, these guys are sharp. You can stick ‘em on projects and they’ll figure it out. Even the F5, they played with it and figured it out. 

On the server infrastructure, from the core network, we’ve got 68 devices that we manage, and that’s switches and routers and the edge stuff, etc.  Back-up server, back-up libraries, 7 SANs, 40 switches, Internet connection, APC power, a generator, core router, a couple of Barracudas, wikis, that on our core.  Corporate, we run 52 other servers and those are things from the same stuff you guys do, DNS, Exchange, SQL server, file server, print server, all those.  30 devices in our Charlotte facility, 29 running Telecom. That 29 includes the voice mail system, the chat server, the Avaya here in Florence, the Avaya in our Phoenix office, Aspect, a few bricks, the biggest impact on our department is our client side, we run 167 servers right now, that grows by the day. James tells me between physical and virtual since Feb. we brought on over 220 servers, most of those virtuals.

James/Josh

We are not running ESX, just VM ware server. We did some investigative work, the ESX needed to be tied to too much certain equipment especially for the SAN, we’re actually fixing to move over to Xen.

Dean

This is where it could get interesting, I was on the chat the other night with Jason and some others and it came up about Promise Arrays, we’re not on ESX, and we’re going to Xen, it would be interesting to see what you [Time Stamp00:30:46] guys think about that. What are your thoughts on that?

Jeremie

What are you guys using to manage your virtual infrastructure?

James/Josh

That’s why we’re looking at setting up some Xen farms.  Right now, it’s manageable but it’s getting to the point where we would be a lot more efficient if we could get all of our servers to 2 management consoles.

Dean

You gotta also remember for us, we’re mission-critical because we serve customers, a lot of what we have is load-balanced so if a virtual goes down, we generally don’t feel it, unlike in our corporate stuff, we don’t have everything clustered or load-balanced so if that server goes down, we do feel the pain. But I’ve got 7 network admins right now and could use another 3 or 4 today. I have an open position for ACS Technology network administrator.  It is a challenge to keep up with all this, but this stuff just runs. We don’t have that many problems.

Jason

Talk about what kind of SAN stuff you’re using. A lot of us are interested in the Promise Arrays because of low cost,

Jeremie,

There’s a question on the chat about what router and firewalls their using.

Dean

I’d rather not say on the firewall, for security reasons.  But from a router perspective, everything is F5.

James/Josh

The core infrastructure on the network side would be HP routers. You could classify the F5 as a router possibly but it’s more of a load-balancer, traffic is passed in, once you get in, you’re going through HP devices, and we moved from a Big Iron Foundry unit to HP simply because of the price difference on the maintenance plans. We felt like that was a win for us.

Dean

We’ve had great success with the HPs, they’ve been pretty solid.  The other priced themselves out on the annual renewals.  Sometimes the perception for us is, “oh [Time Stamp00:35:00] you guys are ACS and you’re big and you got 300 employees and you got money,” and that is not necessarily true. We looked at Promise Arrays, EMC, and Equal Logic and all that. 

James/Josh

We had Equal Logic come in and do their show and it was sweet, but it was a big difference in price. And we were growing so fast, we needed something easy to manage and the Promise Arrays fit that bill for us. At one point, before we started using the Promise Arrays, we were looking at the Infastore [?], but they didn’t have an iSCSI solution at the time, so you had to buy the SCSI-type SAN and attach it to a head unit and then run iSCSI software on top of that. But with the Promise Array, you buy those, put some drives in, plug them into your iSCSI network and start carving out space.

Jason

Have you had any major component issues?

Dean/James

No. Don’t jinx us. Not even the power supply has gone bad yet.  We put the first one in in 2003, we had them in the admin building. There are 7 SANs on the corporate side, 5 that I know of on the client side and at least 1 or 2 in Charlotte, and I think every one of them are Promise Arrays.

Dean

This is where I give James and Josh a lot of credit. These guys took this Promise stuff, which doesn’t have a lot of street credibility on its own, and they pitted it against some of the best out there, some other had more features, but when you talk about through-put and speed, and you might take a performance hit on it, that’s a relative term. If you’re pushing gigabits of data at a time, but what is the sustain rate, what are you really trying to push through. James has taken me through our PRTG, 122 requests right now running on one of our SANs, I just picked one at random.  That’s running half of our extend product, virtuals on [Time Stamp00:39:14] top of that Array. The biggest issue we had with Promise is they had some firmware issue with their battery, so once or twice a month the battery alarm will go off, but you silence it and it keeps charging.

James

Other then drives, every now and then we’ll get what they call a time-out error on the drive, usually that’s premonition that the drive is about to fail and what we normally do is just go ahead and yank the drive and put another drive in.

Dean

Disk space is so cheap now.

Jason

That speaks well for Promise, hearing you guys talk about them like that.

Dean

If anybody wants to see any of that, let us know. Good quality products.

James/Josh

Just another piece of information on the Xen technology that we’re looking at, we’ve been testing that over the last few weeks with our Promise Arrays and one of the things we really like about that is that we now have the ability to migrate a live running virtual from one physical box to another physical box as long as it is on the shared SAN, and that shared SAN is on the Promise Arrays, and that worked right out of the box for us, no special drivers, with the Xen piece, we installed it and 10 minutes later we were failing over an XP box -- all running off the Promise Arrays.

Jason

Cool! 

Jeremie

A couple folks are asking for your contact information. Can you put that in?

Jason

My guess is that you are going to get a few resumes!

Dean

What else you guys want to hear? Jason has asked about the wiki before.

Jason

Yeah, so you’ve got all these devices, how do you handle change-management. Somebody makes a change or adds a new vm or makes a new VLAN. What does the procedure look like?

Dean

Good question.  Remember that James and Josh here split the corporate and client, so they are my contacts, they [Time Stamp00:43:21] are the glue for all of what you just asked. Virtuals don’t get added without those guys knowing about it, VLANs never get added, these are the only two in the building with access to our core switches and routers. So the other guys can’t bring on devices that have to be routed without these guys being involved.  So first, this basic first level of ‘no big changes’ without these guys. Then from there, James and Josh have both developed a series of spreadsheets and wiki articles that help our other network admins know what IP schemes to use, what routers to us, etc. that all the network admins are trained on how to bring on new virtuals. There is a lot of talking back and forth. Back in January and February, we got a little too loose on letting people make changes without going through the process and we started stepping on each other. We went through 30 days of hell where one network admin would go in and change an IP setting, another network admin would go back in change it back.  I finally had to tell James and Josh to change all the passwords, to slow everybody down to start thinking about what they’re doing. We just keep trying to come up with more efficient ways to make sure people have what they need. We don’t make changes unless teams of people agree to make changes. With all our client-hosted stuff, we have four sets of servers for every product. The development team has a set of servers that they have full control over, they can do anything they want to do with it. And then they have a  testing set of servers that when the developers finally get it where they think it should be, they push that to the testing servers. They have full control. Then the third set of servers is the staging. The staging servers we use for IT to become knowledgeable on how to deploy that hosted solution. And the development team has zero rights on that server.  So if they are trying to do something where they are writing a temp file to the C drive, we say no, not gonna happen, and we push it back down to development. No one has rights to production, with the exception of the net admin who is responsible for that, and James and Josh. So if you want to kidnap somebody, kidnap James and Josh. They are the ones who make sure everything works. We don’t have a big change request system.  I’m not a bureaucratic guy, so I don’t have a lot of sign-offs and things like that, because when the change needs to be made, I want those guys to talk about it and make [Time Stamp00:47:39] the change. As long as the three of them agree, I’m ok with it.

Jason

And that’s getting entered into your wiki?

Dean

Yes. We use the same wiki. You ever heard of screwturn? Fast, powerful, we’ve actually recently really embraces it as a department and put as much as we can out there on the wiki. It’s where we keep all of our contact information for each other as well as our contact info for vendors, all our how to documents, we don’t have fancy naming schemes, if you look at it, you probably wouldn’t understand it unless you had access to the wiki.  It’s kinda like a VIN, each number has a purpose.  When you’re bringing on 5 servers a week, you gotta do something that makes sense.  We keep it straight, very cryptic. 

Dean

We use screwturn wiki, we have one for only IT, where only IT personnel have access to it. Josh is a developer so he took screwturn and figured out how to integrate it with AD so using our users and groups on AD, we locked down screwturn to only allow IT people into IT ones, then we have a corporate one that’s corporate wide but it doesn’t get much traffic.

You had asked about seeing how it works and how we’ve got it set up and categories. You really don’t have to categorize it, you just tag it, each article can be tagged, then you can go back and look for only IP related or whatever. 

I just pulled up one randomly from Josh.  The vm ware guest time runs too fast. The virtuals time runs fast, goes through an entire day in 15 minutes, so he found the answer to that, he threw it out on the wiki page, so we know where to go. It’s kinda of our knowledge base, how-to documents, I use it mostly to look up somebody’s home number when stuff doesn’t work.

At some point when we can share screens or whatever, [Time Stamp00:51:52] I’ll be glad to take you through some of that and let you see how that works.

Jason

That’d be cool. What kind of backup do you guys run?

James/Josh

We’re running Backup Exec.

Dean

We do a lot of disk to disk backups as well, we’ve had our share of issues, we were running ARCserve, when we outgrew the existing backup tape library system, we had to expand it and between all the phone calls to India and 28 other countries, we never could get good resolution. They were telling us to configure it in a way that didn’t make sense. After about 4 days of not getting good backups, this was 2 years ago, we finally had to make a decision to buy, Josh can explain it better.

Josh

Most of our backups, we do disk to disk to tape where, we’ve got the 2 primary buildings here, things are replicated from our server in one building to a very large SAN in the other building and those are our online backups that are available for a quick restore if we need it during the week. Then as soon as the daily backup gets put on the SAN, we do a disk to tape backup which writes all that to tape which gets stored securely off site.  The disk to disk runs fairly quickly, we really like to have that on hand so we don’t have to go pull tapes out of the vault if we have to restore something.

Jason

Do the Promise Arrays do SAN snapshotting.

James/Josh

No, they do not support that, sorry.

Dean

We knew that and we had to figure out if that was a big deal to us.

James/Josh

It depends on what you are snapshotting because we have our main corporate file server off a Promise Array but we run volume shadow copy on the file server itself, so you can go back to snapshots that way but the actual does not.  It does have the functionality to add more drives to it and expand the rays, we’ve done [Time Stamp00:55:16] that successfully.

Jason

What kind of basic monitoring tools do you use?

Dean

That’s it.

Jason

How do you try to be proactive so that hopefully you see something coming before something craps out?

James/Josh

We use WhatsUp for that.

Dean

We have 2 instance of that running on different parts of the network, originally we ran into the problem when one of the core routers goes down or a particular email server goes down, then the notifications can’t get out, so we had to have more than one running to make sure at all times anything that needs to be sent out to us gets out.

What we’ve struggled the most with is when things are still running, physically up, responding to traffic, but yet the service isn’t running properly. That’s where we struggle the most. But WhatsUp has been pretty reliable for us.

Jason

Is it aggregating all of your server logs and all SNMP traffic?

James/Josh

No, we’re still looking into that. One of the big things we’re looking at aggregate area our event logs. We’ve found a couple things to do but haven’t’ fully implemented those yet.

Jason

That’s where we’re at too, we’ve got all these servers and I need something to aggregate all those logs.

Dean

We are in the same boat. Our total infrastructure points, physical servers, switches, routers, we’re looking at 346 of those. So that’s just what I know of, there’s probably something somewhere I haven’t found. The truth is, where we struggle the most is managing patch management, making sure the servers are not compromised, and that takes a lot of time. I’ve got two network admins that that’s pretty much all they do. They look at the logs, make sure nothing’s going on, if patches need to be loaded. They play with all the Microsoft tools to try to help navigate some of that but nothing really stands out as an outside solution [Time Stamp00:58:50] to manage that.

Jason

Anybody else got questions?  I assume your Windows servers, running any Open Source Linux stuff?

James/Josh

The Avaya is really the only device we have here that is not Windows.

We have some small firewalls that are running Linux.

Dean

That’s news to me too! But that’s ok.

Jason

Somebody asked in the chat window, how many virtuals per physical are you averaging?

James/Josh

That’s the question of the day. It depends on the underpinning of the infrastructure, how much memory you have on the physical host. Some servers we have upwards of 30 virtuals running on a particular server. Then we have some that only run 8. It depends on how much memory you can allow to the virtual itself, you have to weigh all those pieces in. Anywhere from 8 to 30.

Jason

Are you typically Dell or HP for the physical stuff?

James/Josh

Currently we are Dell, they came in a wanted our business, all our new stuff in the last 5 orders have been Dell.

Dean

And just for the record, James is a big AMD guy, so Dell didn’t have a shot until they opened up AMD.

I’m not a hardware person, so I don’t understand all that.

Jason

 Are you doing blades?

James

We had a stint where we ran through some blade stuff but didn’t really care for them. We had 3 set of blades, but when we started down the path of virtualizing stuff, it was easier to buy these one new boxes and slide them in the racks and get them up and running. And with the move to the Xen pieces, really just slide it in, 10 minutes later we’re pulling stuff in.

Jason

Are you booting from the SAN?

James

Off the host for the Xen server. We looked at using the virtual iron piece and had problems with that, so we decided to go down the Xen path.

Jason

What [Time Stamp01:03:02] about end-users desktops? What kind of hardware are you running?

Dean

We’re a Dell shop for desktops and IBM[lenovo now, as IBM only mfrs servers - ed.] for laptops.  The whole Mac/PC thing, we are running some Macs too, we’ve got probably 7 between Mac books, mini-Macs, things like that. We standardize all IBM laptops, all Dell desktops.

Jason

You give everybody local admin rights on their machines, right?

Dean

Yes.

Jason

If they do something stupid, you go smack their hand.

Dean

We do. I could pull anyone on my team in here and say give me the name of one of the top three people that cause you the most headache, they would all come up with the same three names.  I put the fear of God in my users from day one.  We spend thousands of dollars a month to support you and we want you to help us keep ours happy, don’t do these things. I give an hour speech to every new hire. We do have local admin rights, and everybody on my team would say I’d take them away tomorrow if we could, but the biggest reason we have them is because we do sell and support software products, so on any given day, you might have to uninstall version 8 and reinstall 9, or whatever, so you can uninstall and reinstall any day.

Chat Question

What percentage of performance do they lose in web applications being virtual?

James/Josh

I don’t think that’s noticeable. Everyone of our application, you can hit our home page right now, www.acstechnologies.com and every one of our websites are virtualized and you can see how fast that loads for us.

Dean

Performance is relative.  ACS gets beat up all the time because we don’t have a SQL back-end, and I still say performance is relative. Our table structure, our web server, our SAN devices, while if you held them up side by side to some of the “world class leaders” you might be able to electronically prove that [Time Stamp01:07:06] they’re not as fast, but it’s all about what you experience from a user perspective, and ACS performs well under thousands and thousands of records.  Same with the virtuals, I’m a huge virtual fan.

Josh

There’s no way you can say I can take a virtual and make it run as fast as the physical, theoretically each virtual is not going to be pumping out 100% all at the same time, so you’re going to be able to maximize the performance of each one and help spread that load across.  One thing I like, back in the old days where you would make a web server and have an application for one developer and another application for another developer and you try to put that all in one box running IIS and you start stepping on toes and one crashes, using the virtualization technology, we are able to separate that out. 

Jason

You guys mentioned Barracuda, is that your spam filter?

Dean

Yes, we have two of those.  We’re hosting 2400 email addresses for customers, about 2600 including corporate, Barracuda handles all that for us. That’s a fast growing area for us as well.  Nick had bought a model 600 Barracuda, I think ours are 400, not sure, but they work really well.

Sp

I’m curious, does ACS have a web content filtering system in place for their employees?

Dean

We have a web content logging in place. It’s one of those things I say to them on their first day. I tell my employees two things, it’s not the use of our system that I’m concerned about, it’s the abuse of our system. So if you need to go out and check the weather or find out when the Gamecocks are playing, whatever, go do it, that’s ok. I don’t want to block things either unless they are blatant. We don’t block anything, we do log things and if somebody abuses it, I go visit them personally and tell them to stop. That’s goes so far as to say our phone [Time Stamp01:11:15] bill every month is about $25,000 a month, and bill comes in a UPS box about 4000 pages. There’s no way if you made a phone call to your grandmother that I would ever find it, ever, so what we do is we have the phone company print out a couple of reports for us, what is the most called number this month? And we get the top ten most called numbers each month. Most months it’s either a client or a sales rep, so you recognize certain numbers so if somebody is abusing it, it’ll stand out.  My Space is blocked, but Facebook is not. 

Then the second thing I tell people is if you wouldn’t print it, show it, or forward it to your grandmother, don’t print it, show it, or forward it around our equipment.  Don’t do junk on our equipment. That’s how we handle it. It works pretty well for us.  Maybe once or twice a year, somebody will do something dumb and I’ll have to go talk to them.

Jason

Any more questions? 

Dustin says are you using vm ware server 1.0.x And do you assign multiple CPUs to your guests?

Yes.

Jason

Thank you so much Dean, James and Josh.  I got some good stuff out of it, I’m definitely going to look into that Promise stuff.

Dean

If anybody wants to have detail follow-up conversation, we are here for you. We can get you in touch with James or Josh or whoever you need.

Jason

Two more things here. One for the people who came in at the end, wanted to remind people that there is now an option for the Sharepoint training for consultants.  We’ve changed that, if you are a consultant interested in attending the Sharepoint training, you can come for about $2500, that’s a one-thousand dollar discount. We should have the registration for that ready by tomorrow. Check our blogs for some information on that

Also, I wanted to ask people what [Time Stamp01:17:39] they thought about this Church IT Biggest Loser contest.

Sp

You can’t start that until after Christmas. I’m interested but not until after Christmas. 

Jason

I’m just trying to help people maybe make Christmas a little healthier. I’m with you, but if we wait until January, we’ll keep waiting and it’ll never happen. Just yank the band-aid off and go for it. 

I’m thinking a $25 registration fee so that there is some sort of ownership, plus if 10 people get involved, that’s a $250 purse up for grabs. I’m thinking we’ll wait until the Church IT Roundtable in the spring to announce the winners. It would be fun to have 1^st, 2^nd, and 3^rd place.  Any comments or feedback on the whole thing?

I’ve got 12 people that have commented on my blog saying they are in.

More jokes about Jason Lee’s blog…

Jason

I can’t believe I have over 900 people reading my blog.  My blog is also on Monday Morning Insights, Church Tech Blogs aggregates it, so those number aren’t counted in the 900.

Jason Lee

Josh says that your entire church is subscribing to it.

Jason

Based on the questions I get, I disagree with that.

Sp

Are you adding that live bookmark to all your PCs before you deploy them there at GCC?

Sp

About the Sharepoint training, is there anybody in the live podcast who is planning on coming who hasn’t registered?

We are going to close registration as late as the 23^rd of December, but it would help us to start gauging how many people are coming, we’ve got tons of space, Bill said we can go up to 100 and we’re around 30 right now, but we need to prepare, so if you can register now, that would be helpful.

Jason

I will plan to do something with this Biggest Loser stuff, I have to think about how to handle the money.  Maybe PayPal. It may be Monday before I can get something [Time Stamp01:24:42] going. We can use the Church podcast wiki.

Freenode.net and #citrt is the irc channel. There are people in there all day, good interactions in there.

Several of us were talking about the idea of having a place where you could post recipes or links to helpful websites, just to help people be healthy. We’ll see what it looks like. I need to lose.

Happy Birthday to Ed Buford. He rocks.

Happy Birthday to the podcast. Hard to believe it’s been a year.

Ok, sign up Sharepoint.

Our next one will be December 20^th. We will probably cancel the January 3^rd podcast. Keep that in mind.

Sp

Is this the general format of the meetings? Do you have a topic set ahead of time? How many people?

Jason

It really fluctuates. Today was one of the times where we had a guest, we’ve had a couple of software vendors, sometimes there is no structure and it’s just a free-for-all open topic, ask questions and discuss.  I try to put a reminder on my blog www.jasonpowell.net.  There is a lot of information on the Church IT podcast website as well as the transcription to a lot of the prior Episodes, so it depends on the week, if I’ve got somebody lined up. I don’t have anybody lined up for next time, it will probably be open.

Sp

I’m really excited about this because I’m the only IT person at this ministry, so this was literally an answer to prayer to have a place to get some other ideas and feedback and understand what’s going on out there in ministry IT.

Jason

 That’s exactly what this is for.  To get us connected. How did you stumble upon it?

Sp

I was at your church’s website and then I noticed you had a blog, and I came across it from there.  I’m assuming when you want to speak you should click the button on the screen? Or does everybody just speak up?

Jason

 [Time Stamp01:30:16] Just speak up, I try to monitor the page, if there is static from someone’s phone, I’ll mute them. If I mute you, you can click in the upper right corner so it pops up on my screen letting me know you want to speak. Otherwise just pop in and ask a question. 

Sp

Are some guys using a different chat client?

Jason

Some people use the Talkshoe stuff, we got somebody using Vonage. I have found that calling into the Talkshoe phone bridge is the best way.

So if you are new to this stuff, on the right side of my blog, there is a giant list of a whole bunch of other church technology blogs. www.citrt.org is another place to go and check out information.  IRC channel is a great place to interact. We’ve got the spring Roundtable coming up April 4^th and 5^th in Oklahoma City, should be some links to that on my blog, the church IT survey, which is listed on my blog, to get more information.

I’m glad you found us.

Jason Lee

Where are you from?

Sp

We are in Brownsburg, just west of Indianapolis.

Jason Lee

Yeah, you are signed up for the Sharepoint training. 

Sp

I’m trying to get my arms around what some of our opportunities might be for solutions to extent the ministry outside of the brick walls here, that’s the next level for our church.

Jason

 We’ve got two other people in that area, Matt McConnell.

Jason Lee

I’m here at Rockville Rd 465

Sp

My neighbor!

This is great, I look forward to participating.

Jason

Spring Roundtable dates, the official date says April 3^rd and 4^th is when Ministry Tech is happening, so we were originally thinking to do a Roundtable on April 5^th but we are having a lot of difficulty having a church in the Oklahoma City that will host us because they have services. So we are thinking we may flip-flop [Time Stamp01:35:49] that and do a day of just Roundtable stuff on April 2^nd, then Ministry Tech on April 3^rd and 4^th, then head home.  That’s the current schedule.  I don’t know if any of you ACS guys are planning to have a booth at Ministry Tech. 

Dean

I’m sure we will. That’s my anniversary, not sure.   I’ll be sending James and Josh, they are who you need to be talking to anyway.

Jason Lee

Somebody in the window is saying they know of a church willing to host the Roundtable, who to contact?

Jason

Contact Tony Dye.  www.tonydye.net

There’s a blog post about it.

Well, I’m gonna end it here. The phones and chat will stay open. We’ll see you December 20^th.