Background Information

I will try to touch on the decisions and challenges that an administrator may face in a variety of situations when trying to implement a lab, but I will use a specific example network implementing a change management lab. This network is a single site with 50 Windows 2000 Professional workstations, a handful of laptops running Windows XP, 7 servers running Windows 2000 Server, a very flat Active Directory infrastructure, a handful of systems running open source operating systems, a DMZ, and a LAN connected to the Internet by a T1. They offer remote access to the office via VPN and a Terminal Server.

The hardware inventory consists of a mix of 4 different desktop systems from various vendors. This network has some fairly new Dell PowerEdge systems which cost a few thousand dollars each. There are a couple of spare systems that have been sitting idle since some server consolidations took place, but the simple fact of the matter is that we are not going to be able to truly represent the full array of server hardware in the lab. This is very unfortunate since the servers are apt to cause the most problems if they encounter a problem with some new patch or upgraded software. However, in an organization that only has 50 desktops and few servers there is simply not a budget big enough for big change management lab expenses. So here we are simply constrained by our budget and doing the best that we can.

Network equipment can also be expensive and could cause a problem. In production there are 2 Dell PowerConnect managed 10/100 48 port switches stacked together and a Dell PowerConnect 10 port managed gigabit switch. First of all we do not need that many ports in the lab. I think the most important thing we will need to maintain in the lab is the switch management feature. There are currently no VLANs in production, but there should be. We will need to test the setup and configuration of these in the lab.

Software can be a big problem since licensing is expensive and even though this is just a lab we are not getting any free handouts for that reason. However, some of the software used is freeware or shareware so installing to more machines costs nothing. Also, by keeping the lab as small as possible we can keep the number of extra licenses we need to purchase as small as possible. Below is the list of software used in production with non-free software in bold.

• Microsoft Windows 2000 Professional
• Microsoft Windows 2000 Server
• Microsoft Exchange Server 2000
• Microsoft Office XP
• Mozilla Firefox
• Symantec Antivirus 10
• Acrobat Reader
• Acrobat Writer
• Microsoft Antispyware
• FileZilla FTP
• Zip Central
• Adobe Pagemaker
• Adobe Photoshop
• HomeSite
• Real Player

Designing the Lab

On the desktop our job is simple. Two of the desktop configurations are new, and two are older. We are in the process of upgrading a lot of these old systems so we retained one of each of the new machines during our upgrades so that we could use them in the lab. We grabbed one of each of the old machines when they were replaced by those newer models instead of sending them off to the recycling yard. So we have our four desktop systems for the lab.

Next on the list let's address our networking equipment. For about half the cost of the Dell PowerConnect series we can get a Linksys managed 24 port switch with a couple of gigabit ports on it. The fact that we have both gigabit and 10/100 ports available on the switch allows us the possibility of running some bandwidth simulation/testing if we desire. The important thing is we get a manageable switch which is similar enough to our Dells in production that without spending the extra money. You can see as we go along that the lab is not going to perfectly mirror the production environment in all aspects. We need to determine what we must have in the lab, and then work within our budget to try to make it a reality. As for other "network equipment" (to use the term loosely), we will use an old APC Smart-UPS which will allow us to run and test the APC software. We will buy a cheap 8-port KVM eliminating space and power requirements of using 8 monitors.

The servers are going to be a bit of a problem to accurately represent. We can't go tossing thousands of dollars around for equipment that management is essentially going to think does nothing. However, we have 2 PowerEdge 1650s, a single 2550, and a single 2400 sitting around doing nothing since they were decommissioned after being consolidated. Unfortunately the production network is using only PowerEdge 2550s and 2650s, so we won't have identical hardware in the lab. However, this is one of those times you are going to have to cater to your budget and work with what you've got. All things considered I think this is pretty good.

We will not be able to have any of our Windows XP laptops represented in the lab either. Again, cost is a factor and these are in too high of a demand with employees for us to keep one sitting idle all the time. Likewise, we cannot mirror our spam filters in the lab due to cost. This means we will really have nothing in our lab DMZ, but we will try to represent our DMZ on a basic level. Since we are using an open source solution for our firewall and web proxy though we can have those systems in the lab. Also, we can use similar, but scaled-down hardware for them since they will not be handling nearly as much traffic as our production systems. We will have a DMZ interface in our firewall, will keep it plugged into our switch, and will maintain an identical set of rules on our firewall. If we want to test whether some rule changes have broken connectivity between the LAN and DMZ we only need to plug a Windows laptop into the DMZ, start the SMTP service, and telnet to port 25 on the laptop from our mail server in the LAN.

The software inventory consists of a few baseline applications which are installed on all systems as well as a few specialty apps that only certain users use. We have covered the full list already. Since we are only going to have a few desktop systems in the lab we are going to install all of the listed software packages on each of the systems because we need to represent each hardware configuration. For the very pricey Microsoft server and OS software that we are going to need the best option is probably to buy an MSDN subscription. This will give us access to all of the Microsoft software for use in testing purposes on up to 10 machines, and we will get it at a good price (relatively speaking).

I am including a chart here that lists our lab equipment, a rough cost for each item, and its role in the lab to help clarify a couple of things. First, this should illuminate the costs of a small lab, and should help show that you can do this even on a tight budget. Second, it puts all the equipment I've mentioned in the last several paragraphs in a nice clean list so there's no confusion about what we have. Lastly, it's just good to have a clear inventory of our equipment for documentation purposes.