Ongoing Costs of Providing Your Directory Service

   

As soon as the directory service is in production, there are costs associated with maintaining the directory server hardware and software and the directory data. Costs also are associated with supporting end users and scaling the service to meet the needs of a growing company that is developing and deploying new directory-enabled applications.

Software Upgrade Costs

When your directory service is in production, you may need to invest in software upgrades from time to time. Upgrades may be needed for the following software packages:

  • Operating system software . As new versions of OS software become available, you may want to upgrade to obtain benefits such as increased performance or the ability to address larger amounts of memory or disk space. You may also need to upgrade your operating system when you upgrade your directory server software to take advantage of additional functionality.

  • Directory server software . Upgrades of directory server software that add additional features, provide better performance, or fix bugs will become available.

  • Directory-enabled application and client software . Directory-enabled applications (such as e-mail server software and groupware applications) and end- user client applications may need to be upgraded from time to time. New versions of these applications may require that you also upgrade your directory server software to enable new features.

    Apportioning Hardware and Software Costs

    When you consider the various types of hardware that your directory service comprises, some items are completely specific to the directory service itself, whereas others are shared among all parts of your computing infrastructure. For example, if you have a dedicated machine on which you run an LDAP server, the CPU, memory, disks, monitor, and so on are used solely to provide the directory service. On the other hand, the router that connects the machine room Ethernet to the rest of your network is shared among multiple services.

    Similarly, some software may be shared among multiple services. For example, you might have a site license that allows you to install operating system software on multiple systems throughout your organization. A portion of the site license cost should be attributed to the directory service.

    When analyzing costs, you might perform a simple calculation to apportion the costs of these shared resources among the various services. If you have a machine room that houses 50 server computers, and 5 of those servers are dedicated LDAP servers, you might allocate 10 percent (5 divided by 50) of the total machine room costs to the directory service. These costs cover networking (routers, hubs, cabling, monitoring software), power (AC power, uninterruptible power supplies ), air conditioning, and staffing costs, if any.

    Of course, this calculation can be more complicated. For example, if the attachment of your directory servers requires an upgrade to the router hardware (to handle the additional load), it might be argued that the directory service should assume the entire cost of the upgrade. On the other hand, it's likely that another service will eventually be deployed or expanded, necessitating the upgrade. As with most types of budgeting, there are always opinions on both sides.

  • Other software . Other software used in support of your directory service may need to be upgraded during your directory's life cycle. Such software might include NMS software and metadirectory software.

Reducing Software Upgrade Costs

To reduce software upgrade costs, you can use two techniques: negotiating the best price for the upgrade, and deploying the upgrade efficiently .

When negotiating a price for the software upgrades, the same principles apply as when you make your initial software purchase. Volume discounts may be offered , so it is wise to purchase all your upgrades at once or negotiate an arrangement in which you commit to a certain number of upgrades over a set period of time. In some cases, your company may already have site licenses or support contracts in place that either cover the software you need or can be modified to include it at a nominal cost.

The second way to reduce costs is to deploy your upgrade in the most efficient manner. For example, if you need to deploy a new directory-enabled client application to all your users, certain approaches allow you to minimize the amount of staff time required. You might produce a self-extracting archive that users can install themselves (many software vendors distribute their applications in this manner anyway), or you can use one of the enterprise management packages (Tivoli, for example) to automate the distribution and installation of software packages on end-user computers.

Of course, for certain types of software, such as server software or Web-based applications, the number of places you need to install the upgrades is small, perhaps only a few servers. In that case, streamlining the installation process does not improve efficiency by much. In the case of server software, however, you can reduce overall costs to the organization by performing the upgrade in a way that provides the least disruption to end users and business processes. For example, you might schedule the upgrade during off-hours, when users will not be inconvenienced by unavailability of the directory. Be aware of any automated data maintenance processes that might also be scheduled during off-hours, and make sure that these processes either can tolerate a temporary directory outage or can be rescheduled to occur after the upgrade is complete.

Hardware Upgrade and Replacement Costs

As the demands on your directory increase, you may find it necessary to add additional capacity to existing servers or replace them entirely. The types of upgrade or replacement costs you may incur include the following:

  • Additional memory for servers . As the number of concurrent client connections to your directory server increases , you may need to add more memory to your servers to maintain performance. When upgrading servers, keep in mind the number of available sockets for memory expansion. For example, suppose that your server has four memory module sockets available. Completely populating all four slots with lower-capacity memory modules means that you will need to remove some of them later if you need to add more memory.

  • Additional disk space for servers . If the amount of directory data you need to store increases, you may need to purchase and install additional disk capacity for your servers. This need might arise when the number of directory entries increases or if you need to maintain additional attribute indexes. Certain types of storage technology, including NAS and SAN solutions, allow you to add storage incrementally without shutting down your directory service. In addition, if you add more memory to your system, you may need to increase the amount of disk space used for virtual memory paging.

  • Other server upgrade costs . You may choose to upgrade your servers by adding additional CPUs or switching to faster processors. You may also add more I/O capacity as the demands on your directory increase.

  • Server replacement costs . As newer , faster hardware becomes available, you may decide to replace rather than upgrade your server hardware. In some cases you may be able to reuse peripherals such as network adapters on the new servers.

  • Costs for additional network capacity . As the usage of your directory increases, you will probably find that you need to upgrade your network hardware at some point. For example, you may need to move to gigabit Ethernet technology, or you may need to provide an additional network segment and router port to handle the increased network traffic created by your service.

  • Upgrade and replacement planning costs . When you upgrade or replace server equipment, proper planning is required. You'll need to spend time thinking about short- to medium- term growth (6 to 12 months), and develop an upgrade plan that will meet your needs during that time. Be sure to take the costs of this planning into account.

Reducing Hardware Upgrade and Replacement Costs

Just like negotiating a good initial price for your server hardware, you should try to negotiate the best price for upgrades and replacements , purchasing in larger quantities where possible.

If you've purchased server hardware that can be upgraded, it may be significantly cheaper to add CPUs to an existing server than to add and manage a second server. Of course, this approach makes sense only if your directory service has become CPU-bound. If your server is I/O-bound, adding another CPU won't be much help.

Costs for hardware can be amortized over the lifetime of the equipment so that the entire cost of new hardware or upgrades need not be paid in a single fiscal year. The same principle can also be applied to software purchases and upgrades.

Finally, you may be able to recover some of the costs of your old equipment by selling it.

Monitoring Costs

Proper monitoring of your directory service requires upkeep of your monitoring tools as well as ongoing staff costs for responding to directory problems. The following are some of the monitoring costs you may incur:

  • Pager and cell phone fees . If you have on-call staff, you probably equip them with pagers or cellular telephones so that they can be contacted in the event of a problem. Initial purchase costs and monthly charges must be taken into account.

  • On-call pay . If your maintenance staff is on call and must be available to address problems, you will incur additional salary costs.

  • Costs associated with refinement and maintenance of monitoring software . As your directory service evolves and new servers are deployed, you will need to incorporate monitoring of those servers into your existing monitoring system.

Reducing Monitoring Costs

To reduce monitoring costs, leverage any existing network management infrastructure that might be present in your organization. For example, instead of designing your own directory monitoring system that runs in parallel with an existing monitoring system, integrate your monitoring with the existing NMS. Doing this not only allows you to avoid reinventing the wheel, but it also provides a central focus point where your users and maintenance staff can go to learn about all system failures.

Data Maintenance Costs

Maintaining the data in your directory, which is discussed in Chapter 18, Maintaining Data, is one of the most important ongoing activities you will perform. Good maintenance of your directory ensures the quality of the data, which in turn improves the usefulness of your service. Here are some of the data maintenance costs you may incur:

  • Personnel costs . Your data update process may involve manual tasks . For example, you may have a process that requires a computer operator to retrieve a tape containing a dump of personnel data from an administrative mainframe computer, run the data through some sort of transformation, and load the data into the directory. Even if most routine tasks are automated, periodic review of the log files produced by these tasks is still necessary to ensure that they are functioning properly.

  • Fees levied by data owners . If your organization is arranged into separate cost centers, the other parts of the organization may charge you for obtaining their data. For example, a Human Resources division with its own IT staff may charge a fee to extract the data you need to update your directory.

  • Costs of ongoing development data maintenance tools and procedures . When external data sources change in some way, perhaps moving from mainframe-based databases to a relational database running on a Unix server, you may need to change your data import tools and procedures at the same time.

  • Metadirectory maintenance . If you use a metadirectory to synchronize external directories, you will need to spend time maintaining it and its relationships with the foreign directories. Metadirectories are discussed further in Chapter 23, Directory Coexistence.

Reducing Data Maintenance Costs

To the greatest extent possible, automate your data management systems. The way you accomplish this automation will vary depending on how your data is managed. This section presents a few ideas.

If your directory is routinely updated from a central source, such as a human resources database, automate the update process as much as you can. By using automatically scheduled processes to perform the updates, you free up staff to concentrate on tasks that are more useful. Make sure, however, that the update process provides useful diagnostics when problems are encountered and that someone periodically reviews the diagnostic output. For more information on updating directory data from external sources, see Chapter 7, Data Design.

It's likely that your external data sources are themselves undergoing development and modernization; you should be prepared to deal with such changes. Whenever possible, make data transformation tools flexible. For example, suppose that you need to develop a tool that transforms a table of ASCII data into an LDAP Data Interchange Format (LDIF) file for import into the directory. If you can make the mapping from column locations to attribute types table-driven, you can accommodate changes in the width of the columns by simply updating a table instead of changing the program code.

Whenever possible and desirable, delegate responsibilities for updating data to departmental administrators or even end users. Of course, such delegation is possible and desirable for only certain attributes, but it may make sense to make those groups responsible for some data updates. Delegation distributes responsibility for data management across the organization and reduces administrative burden . It also improves the quality of the information in the directory by improving its timeliness.

If you do allow departmental administrators or end users to modify certain attributes, make sure that you deploy easy-to-use tools for this task. An application should validate the values that the users enter and reject invalid data with a helpful message that describes the appropriate format for the data.

Backup and Restore Costs

Keeping your data backed up, as discussed in Chapter 17, Backups and Disaster Recovery, is important. Safeguarding your mission-critical data involves the following costs:

  • Personnel costs . Some staff costs will be associated with performing regular backups. Loading and unloading backup media and performing backup and restore operations are some of the tasks involved.

  • Backup media costs . You need to have a sufficient supply of blank backup media to accommodate your backup strategy. Also make sure that you plan for the retirement of older backup media to prevent failing media from endangering the integrity of your backups.

  • Transportation and off-site storage costs . A robust backup strategy involves transporting the backup media to an off-site location to prevent its destruction in the event of a disaster. You may incur expenses for shipping the backup media to the remote location and for leasing the storage space.

Reducing Backup and Restore Costs

One obvious way to reduce backup and restore costs is to use an existing backup system if one is already in place. If all your servers are backed up across the network to a central tape drive, backing up the directory servers to this system will be cheaper than deploying a new backup system.

However, you might decide to purchase and deploy a backup system instead of using an existing system. In that case, when comparing expenses for various backup solutions, consider the cost of the hardware and the cost per byte of the media. In some cases a backup device that costs more may actually be less expensive to operate over the long term because it is able to store more data on each individual piece of backup media. Tape libraries, although more expensive, can manage multiple tape cartridges automatically and reduce the amount of operator intervention required.

Backups protect you against catastrophic data loss. They can also be used to allow end users to recover from incorrect changes made to their own directory entries. However, performing restore operations for end users can be time-consuming and expensive; most backup software does not even provide access to individual entries in a backed-up directory. Usually the entire directory must be restored to a different location and the required entries extracted. In general, avoid setting expectations that backups are to be used for anything other than recovery from catastrophic data loss.

Whatever backup approach you decide on, consider keeping several days worth of daily backups on disk so that if it's necessary to restore data, you don't need to retrieve a backup tape.

Disaster Recovery Plan Costs

A well-designed and well- tested disaster recovery plan can protect your critical business processes from certain types of disasters, including floods, earthquakes, and fires. Development and execution of a disaster recovery plan are expensive; but compared to the potential catastrophic business losses that could accompany a disaster, the development costs seem much more reasonable. For more information on disaster recovery, see Chapter 17, Backups and Disaster Recovery.

Here are some of the costs you may incur for your disaster recovery plan:

  • Periodic disaster recovery service fees . If you use the services of a disaster recovery (DR) vendor to provide a hot or cold backup site, you will pay that vendor on a regular basis.

  • In-house disaster recovery costs . If disaster recovery is provided in-house, you will incur costs associated with providing the directory service portion of the entire DR solution, including space rental and backup hardware and software.

  • Disaster recovery testing . After your DR plan has been deployed, it should be tested periodically. This testing may be elaborate because it requires simulating an actual disaster. A significant amount of planning is involved in the development of the DR test plan, and a significant amount of staff time can be spent performing the tests.

  • Disaster recovery review and update . Periodically, your DR plan should be reviewed and updated to accommodate new applications or changes in the underlying directory service. If new applications have been developed or your directory service has changed in a fundamental way, it may be necessary to redesign your disaster recovery solution.

Reducing Disaster Recovery Plan Costs

It's certainly possible to design a comprehensive disaster recovery plan that will protect you against most types of disasters and have your business processes back in service quickly. However, the costs of such a plan may be prohibitive. A cost-effective DR plan takes into account the likelihood of each type of disaster.

For example, you might be deciding where to locate a cold standby location for your data center. If you are situated in an area prone to earthquakes, it probably makes sense to locate the backup site far enough away that it's unlikely that both the primary and the backup sites would be affected by a single earthquake. On the other hand, if your location is not subject to earthquakes (or other large-scale disasters such as hurricanes), you can save money by locating your backup site relatively close to your primary site. In the event that a disaster does render the primary site unusable, it will be less costly to transport your staff to the backup site if it is nearby.

Also consider the acceptable time for putting a backup site into service. Maintaining a hot site certainly offers the quickest turnaround , but a hot site is also significantly more costly than a cold site to maintain and test. If it's acceptable to incur 48 hours of downtime with a cold site versus 4 hours with a hot site, you can save money by using the cold backup site.

Beyond the disaster plan itself, another way to save money is to weigh the relative costs of contracting with a DR solutions provider versus providing the backup sites yourself. If your organization has only a single location capable of supporting a backup site, it may make more sense to contract with a DR solutions provider. On the other hand, if your organization has several locations with high-speed network connectivity, sufficient power and backup generator capacity, and enough physical space, you may be able to design and deploy your own backup site at a lower cost. For more information on DR, see Chapter 17, Backups and Disaster Recovery.

Support and Training Costs

Support and training enable your end users and directory administrators to use and maintain the directory more effectively. Here is a wide range of options for providing training and support, with associated costs:

  • End-user support costs . You can provide support for your end users by maintaining an in-house help desk or contracting with an external support provider. Tasks include password resetting, software troubleshooting, and other general end-user support services.

  • Training for end users . Your end users can be trained in various ways, depending on the application. For commercially available applications, you may be able to use vendor-supplied training materials or the services of a third-party training organization. You may find that online tutorials are available or that you can send your end users to training classes and seminars. For applications developed in-house, you need to develop your own training materials, which can take the form of online help and tutorials, seminars , brown-bag sessions, or printed training materials.

  • Training for support staff . Your support staff will also require training on the various directory technologies used within your organization. The types and sources of training materials are generally the same as for end-user training. Unlike end users, however, your support staff will require deeper knowledge and easy access to reference materials such as operations manuals and troubleshooting guides. For applications developed in-house, your application developers may be available to develop a training course for the administrators and Help Desk personnel who will support the application.

  • Training for developers . If you plan to develop directory-enabled applications in-house, you may need to provide training for your developers, especially if LDAP and directory technologies are new to your organization. Developer training resources might include seminars, conferences, and reference documentation.

Reducing Support and Training Costs

Whether your organization provides an in-house help desk or contracts with an external provider of support servers, providing your end users with better information can significantly reduce the number of support calls. Here are some suggestions for doing this:

  • Make sure your directory-enabled applications provide clear and helpful error messages when a directory problem is encountered. These messages should state succinctly what the problem is and what the user should do about it.

  • Use the Internet to deliver help documents to end users and advertise their location. If your users know that there is a high-quality collection of help documents online that often answer their questions, you can head off many support calls.

  • Provide status information about your service to your end users. For example, if your directory service is temporarily unavailable, providing this information on a central status page and via a recorded telephone message might reduce the number of calls received by your support desk.

  • Provide convenient training for your users to help reduce the number of support calls. Seminars and online tutorials are excellent ways to improve end-user knowledge.

  • Provide good reference material (such as this book) to your directory developers and deployers .

Support and Maintenance Contract Costs

Keeping your directory system running smoothly is much easier if all your hardware is functioning correctly and your software is up-to-date. The types of support and maintenance contracts you might purchase include the following:

  • Software support contracts . Some of the software packages you use to provide your directory service may offer (or require) an annual maintenance fee, which entitles you to bug fixes and support. For example, some OS vendors offer an online database of patches available only to customers who purchase a support contract.

  • Hardware support/maintenance contracts . You might choose to purchase a maintenance contract for your server hardware that covers the cost of repairing any failed hardware. These maintenance contracts provide widely varying turnaround times and costs. The advantage of maintenance agreements is that their costs are fixed and can be included more easily in a budget.

  • Self- servicing costs . An alternative to purchasing a maintenance agreement is to provide your own in-house service. This approach requires that you have adequate knowledge in-house to diagnose hardware failures, as well as a supply of spare parts for all your servers. It also requires that you have an arrangement with a supplier who will exchange failed modules for new or refurbished modules (for a fee, of course). If you have a heterogeneous computing environment, consider a vendor who can stock parts for a wide range of computing systems.

Reducing Support and Maintenance Contract Costs

Hardware maintenance contracts vary widely in terms of turnaround time. If you have sufficient extra capacity in your directory service (perhaps you've deployed some replicas and have spare capacity), you may be able to tolerate a longer turnaround time for repair or even use a depot service arrangement.

If your organization is large, it may make sense to provide your own in-house service as just described. If you have sufficient knowledge in-house to consider this option, you may find that it is significantly less expensive than purchasing a service agreement.

Finally, as with the other major purchases you make to deploy your directory service, purchasing support and maintenance agreements in larger quantities may offer some benefits when you're negotiating prices.

Costs of Adding New Directory-Enabled Applications

Planning to accommodate new directory-enabled applications and additional load is vital to your directory's continued success. Understanding the costs of these enhancements, which are described in the following list, is therefore also necessary:

  • Costs of additional systemwide capacity for new directory-enabled applications . Each new directory-enabled application deployed may make additional demands on your directory. For example, if you deploy an extranet application to your distributors, you might use the directory to control access to the application. This means that your directory must be prepared to accommodate directory entries for all the users at your distributors who will use the application. You might choose to deploy a dedicated replica of your directory data for the exclusive use of that application.

  • Development costs for new applications . Developing a new directory-enabled application has a set of costs associated with it, including costs for development hardware and software, training for developers, and developer salaries and benefits.

  • Deployment costs for new applications . Putting new applications into production involves piloting the application, developing and distributing documentation, training your support staff, and rolling out the application for general use.

  • Costs associated with planning for expansion . In addition to the actual costs of capacity expansion, planning for the expansion has its own associated costs. Typically these staff costs involve the process of understanding and planning for the additional capacity needed for new applications.

More information on directory-enabled applications is available in Chapters 21, Developing New Applications, and 22, Directory-Enabling Existing Applications.

Reducing Costs of Adding New Directory-Enabled Applications

When adding capacity to your directory service, use the same techniques you used to obtain the best price for your original hardware. Also be sure to purchase appropriate hardware for continued growth. For example, if you know that in the future you will need 100Mbps networking to your servers to handle your directory traffic, don't make a large investment in 10Mbps technology that will have to be replaced .

You can reduce ongoing costs of application development by using sound software engineering techniques. Try to develop reusable components that can be shared by your developers. For example, you might be able to avoid reinventing the wheel by developing or purchasing a utility library that contains code common to all directory-enabled applications. This library can be distributed in binary form and linked with new applications. If bugs are found in the library, they can be fixed by the library maintainer, and a new library can be distributed to the application developers.

   


Understanding and Deploying LDAP Directory Services
Understanding and Deploying LDAP Directory Services (2nd Edition)
ISBN: 0672323168
EAN: 2147483647
Year: 2002
Pages: 242

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net