<%mainShowBanner("ciu") %>

<%mainShowBanner("CIU-FLEX(CIU-2)") %>

Is RAID Worth the Cost?

This week we'll explore the topic of RAID and discuss whether or not its overall value justifies the added expense. We'll also discuss some of the problems you might run into with a misconfigured firewall and what you can do to resolve them.

By Ron Pacchiano

Q. Our current server is pretty outdated, and we just started shopping around for a new one. I've been checking out all of the popular vendors (Dell, IBM, Compaq, etc.) and noticed that with all of the various options, servers can become pretty expensive. We are on a pretty tight budget and are trying hard to keep costs down as much as possible. One of the options we are considering is dropping the server's RAID configuration. Between the cost of the RAID controller and the additional hard drives it requires, this is a pricy option that adds considerably to an already hefty bottom line. I'm not very familiar with RAID technology or its operation to justify the added expense to my superiors. I've spoken to some technical people, and they said that I could get away without it for now and, if necessary, add it later. Do you feel this is something we can pass on now, or is it worth investing the extra money for? Thank you in advance for the advice.

A. To answer this question you really need to ask yourself one very simple thing -- how much money would your company lose for every hour the network was unavailable? For most companies, this figure can become quite large. One of the companies I worked for suffered a similar problem, and their cost was nearly $12,000 an hour. We were down for 3 hours and lost almost $36,000. If your company would suffer a similar loss, then it would be in everyone's best interest to keep the new server up and running.

This brings me to RAID. One of the most cost-effective ways for a company to maintain the reliability of its network is to implement RAID technology on all of its servers. RAID stands for Redundant Array of Inexpensive Drives and is designed to minimize or eliminate server downtime in the event of a hard drive failure. There are many levels of RAID that can be implemented, but the most common are RAID 1 and RAID 5.

RAID 1 uses a technique called "Mirroring" to safeguard data. Essentially there are two hard drives in the system of equal capacity; one drive stores the operating system and all of your company's data, while the other sits in the background and copies everything that is being written to the first. In the event that the primary drive fails, the system can easily be reconfigured to run off of the mirrored drive. The drawback to this setup is that the server must be brought down and manually reconfigured before the mirror can be accessed. If you don't have an onsite support person, you could be down for a few hours, but at least all of your data would remain safe.

RAID 5, on the other hand, uses 3 hard drives of equal capacity and treats them as one single logical disk. So if you have a server with three 30GB HDs, 60GBs will be used to store data and the other one will be left as a parity drive. This parity drive acts as a real-time backup for the other two data drives. So in the event that one of the 3 drives crashes, the server continues to run and users are able to continue to read and write data to the network until the bad drive can be replaced. You'll find this configuration used in most companies.

Many network administrators, myself included, configure a server to use both RAID 1 and RAID 5 together. RAID 1 is used on the drive containing the network operating system. We then use a RAID 5 partition to store all of our user data. This configuration allows the administrator to get the server back up and running quickly in the event the OS partition fails, while at the same time still protecting the users' data against drive failure.

As far as the option of adding RAID to the server later, I wouldn't recommend it. Even though you can do so, you should know that it is a big job and is typically quite time consuming. The data would first need to be backed up and then the server taken down. You would next need to install and configure the new hardware, and finally, the data would then need to be restored to the new drive. If this is a production server, finding the time for this type of job could be difficult. More than likely, it would end up needing to be a weekend project. My recommendation: spend a bit of extra money now and avoid any costly delays later. In the long run it will be one of the best investments you can make in terms of the overall reliability of your network.

For additional information on RAID and its different implementation options, please visit http://searchstorage.techtarget.com/sDefinition/0,,sid5_gci214332,00.html.

Q. A good friend of mine recently purchased a new PC and let me have his old one. I managed to network this machine with my original one and created a small workgroup that is primarily used for network games and printer sharing. Both machines are using Windows 98SE. The problem is that these two computers cannot see each other unless I disable my Norton Firewall. I don't understand why I have to disable my firewall in order to access the other PC in my workgroup? Any suggestions you have to fix this would be helpful. Thank you.

A. In your question you didn't provide us with a lot of information on how your network is configured. For instance, I don't know how you're sharing your Internet connection with the machines in the workgroup. Are you using a router, or is it being shared with a software package like Microsoft's Internet Connection Sharing (ICS)? Is Norton Firewall running on both machines? How are the PCs connected to each other? Are they using a hub, or are they connected by a crossover cable? This lack of information makes it difficult for me to provide you with detailed instructions on how to go about fixing the problem. For this reason, I think that the best way I can help you is by simply reviewing the role of the firewall and explaining how it works.

Regardless of whether you're using a software firewall like Norton's or a hardware firewall, all firewalls are designed to do essentially the same thing -- protect your network from any unauthorized access. In order to do this, the firewall needs to be placed between the network (LAN) and your Internet (WAN) connection. This placement allows the firewall to examine all incoming WAN traffic before it can make it onto your network. Any traffic not recognized by the firewall will be discarded. Since the firewall is supposed to be acting as a gateway to your network, all traffic moving behind it is considered to be trusted by the network and allowed to move freely between workstations.

If, however, you were to use Norton Firewall on both of your workstations, each system would in essence become a separate network (LAN). So even if they shared a workgroup name, they would still be unable to gain access to one another. To properly set up a software firewall, one PC (called the Host) is typically configured with two Ethernet adapters. One adapter is used for your Internet or WAN connection and the other adapter is used to connect the client PCs on your LAN. The firewall needs to be configured to protect your WAN connection. In this way, the firewall can monitor all WAN traffic while still allowing all LAN traffic to move freely over your network.

This configuration can be somewhat complicated to install, especially for people with minimal networking experience. If you fall into this category, I would suggest you forgo the hassle of using this configuration and just invest in a good low-cost hardware-based router/firewall. I hope this helps.

Use our feedback form to submit your questions on home or SOHO networking issues. We cannot guarantee to answer every question we get, but we'll consider them all.