As I predicted back in March, Windows Server 2003 has become THE topic of conversation in almost every customer that we speak to. We are now just under 8 months away from the end of life of Windows Server 2003. Some customers have started their migration, but the reality is that many customers still have not. Specifically, in a fairly informal survey that partner AppZero conducted, only 25% of customers have a plan for their Windows 2003 infrastructure. Even scarier was the idea that 38% of these customers have more than 1000 Windows 2003 Servers out there. Redmond Magazine just published an article in September that quoted Microsoft as identifying Windows Server 2003 running on 39% of the Windows Server install base. That translates to 9.4 million servers just in North America. I thought that now would be a good time to step back and share some customer experiences and what you should be doing about your Windows Server 2003 environment. Time is running out and custom support agreements are expensive.
Recap on why it’s important
Just want to take a minute to refresh everyone’s memory here. The consequences of doing nothing can be severe, they include:
- Security vulnerability
- System failure without recourse (no hotfixes)
- Loss of certification of compliance.
That last bullet is interesting. While often a specific system has been certified (so for example, Application A running on Windows Server 2003 with selected hotfixes has been certified by “such and such organization”) in the case of certain financial certifications, customers may find themselves out of compliance because of the lack of security updates to the platform. This goes for just doing nothing or for isolating the system from the network. Isolation is ok, but as Gigaom points out in their article regarding the risks of migrating, isolation doesn’t help you in the event that you require support from Microsoft. You won’t get it. Now, you can go the route of a custom support agreement, but keep in mind a couple of things:
- You need a premier support contract to get a customer support agreement
- As I mentioned above, customer support agreements are expensive
- You are still going to need a plan to migrate because custom support is only available for 2 years.
It is critical that customers understand what the consequences of doing nothing will be to their environment.
So, I have to migrate, now what
At this point, you have decided that you need to migrate and you think have 2000 servers with Windows 2003 in your datacenter and they all have something on them. What’s the first step? The process of planning and executing a migration off of Windows Server 2003 is time consuming and its easy to miss little nuances. Those little nuances are the risks that come back later to haunt you. This is one of the cases when you won’t want to try to take this on yourself; you need professionals to assist you. Everyone on your team already has a day job to accomplish, and you want to work with someone who has done this before. I’m handy putting in light switches and changing electrical outlets, but I wouldn’t install the 220 line in my garage, I’ll hire an electrician for that. This is the same kind of thing. Professionals have the tools, the experience and the methodology to get this process done faster and with a better sense of quality that your business partners will appreciate.
Inventory, Identify and Prioritize
You think you have about 2000 servers out there. Well, you need to be CERTAIN that there are 2000 servers out there. How recent is your inventory? If it wasn’t updated last week, you probably need to do another. If you don’t have a good way to accomplish that, then its time you work with someone who does this for a living so that you can get a good inventory and begin the start of a new CMDB for yourself. You have to be able to account for all of the servers on your network with this OS because (as we have already said) after 7/14/2015 that machine is now a liability on your network.
Next you have to be able to identify all of the applications on those servers. Now, let’s be a little more specific about this. In my experience, I have worked with customers who say they have an inventory and when I look at the applications list, it’s a lot of commercial off the shelf (COTS) applications that generally are part of the server image. I’m going to bet that your new server image has all of those applications already, so we can cross them off the list. What we are talking about here are applications that actually matter to your business. That doesn’t mean all COTS applications are out. Your business may rely on faxing heavily and you have fax software running on the server down the hall and it just happens to be Windows Server 2003. That’s relevant and needs to be accounted for. Can you identify all of the applications (COTS, custom, web, whatever) running on your servers? If the answer to that is ‘no’ then you have a lot of work ahead of you. If the answer is ‘yes’ then the next question is ‘do you have a contact for each of those apps?’. Who from the business is accountable for that application because they need to identify compatibility and understand the migration options.
Grouping & Migration Events
Once you have your list of server, applications, application owners, you can look at tackling the idea of grouping these servers/applications. There are only so many ways to tackle the issue of remediating these environments. The best thing you can do is identify groups of applications that require the same type of remediation. So for example, if you have 200 servers that represent file servers in your environment. Those are all going into one bucket. Print servers, another bucket. When you get to the applications themselves (COTS, custom, web, etc) then you have to figure out what kind of bucket those are going to fall into.
Now that you have your inventory and you have created your buckets, now you can look at planning/scheduling these servers for migration. This must be a separate exercise, do NOT assume you can do this as you go along. I refer back to my favorite slide when I talk to customers about projects.
The reason the green line looks so much better is because more of the risks are identified up front and planning ahead of time has taken care of them. If you wait to accomplish as you go, you will end up realizing the risks during deployment and that’s not where you want to be (follow the red line).
I’ve talked to a number of customers and have engaged in some activities around this Windows Server migration today. Often I am coming across many of the same issues over and over. Hopefully, this will give you a good idea of how to start on your migration, or perhaps it convinces you that perhaps you need to bring in some help that knows how to do this. In either case, you have to get moving on this because the deadline is looming.
In part 2 of this, I will go through the options around the actual remediation and how those can be realized.