InfoSys – SQL Server Training Topics

FNNI Organization Structure and Teams to be Familiar With

 Buildings
 FNTS
 FNIC
 DFS (Investments)
 Lauritzen Banks
 FNBO
o Credit Card
o Banking
o FNIT
 Infrastructure Operations and Infrastructure Engineers (System Administrators)
 Client Engineers (SCCM, VDI, Software Deployment)
 Storage Engineers (Rubrik, vSAN, FSx)
 Command Center / Network Operation Center (NOC)
 Service Desk

Office hours

Data Centers

 FNBO
o TC (Tech Center)
 Tech Center Building, Omaha, NE
o VMC (VMWare Center)
 East-1, AWS, Northern Virginia
o AWS Native
 Primary - East-1, Northern Virginia.
 Secondary Approved - Oregon
 FNTS
o CoLo = Rented space in a datacenter
o CoLo/TC (Tech Center)
 Primary Data Center. Omaha, NE
o CoLo/LC (Lisle Center)
 Secondary Data Center. Lisle, IL
o Mainframe (We rent from FNTS)
 Server names
o Some TC servers will be in VC
information Security and Security Measures

 Email
o Retention
o Scanning of incoming and outgoing mail
o Reporting Spam
o Phishing attempts
o Attachment scanning and manipulation
 Penetration Testing
o Seen in log entries
 Intrusion Protection System (SQL Injection Detection)
 Firewall (Checkpoint and NSX)
 Desktop Monitoring
 Antivirus and threat detection (SentinelOne)
 Vulnerability scanning (Qualys)
 Proxy (Netskope)
 Security logging (Splunk)
 Installing or downloading software
 Database security assessment (Ecora and orphaned users)

Overview of Email

 Pager emails (request a pager contact)

 Team group email

ServiceNow Overview and Configuration

 Previously named OneSource

 Review ITIL – Incidents, Service Requests (DATs), Change Requests, Problems
 Review Agile – Stories, Epics, Projects
 Vulnerability tasks
 Adjusting On-Call
 Creating Reports
 How to search through inactive material
 Forms we frequently use
o Requesting Storage, CPU, Memory
o Retirement of Servers
o IPL Patching
o Info sec forms for Firewall, Accounts, etc
 WazzUp
o What is it?
o Maintenance Mode
Overview of Zoom

 Meetings/Collaboration
 Calling

Documentation is, or will be eventually, all stored in SharePoint. We will give a brief overview of the site.

 Links
 Shares
 Folders
 Important documentation, policies, and procedures
 On-call calendar
o We will likely be retiring the use of the calendar as we likely won’t be tracking Infosys’s
on-call schedule

There are several shares your account will have access to in order to support imports and exports. There
are also team and IT shares we need to review:

 Encrypted file share (Vormetric)

o \\master\fnshares\dbaextract
 Team file share
o \\master\fnshares\daentsys
 IT share
o \\master\fnshares\it_transfer

SQL Servers can be found in 13 different DMZs which are also in different domains. There is no trust
between the domains. You will need an account in each domain listed below:

 AFS
 CKIMGD
 DMZ2P
 DMZ2Q
 DMZ3C
 DMZ3D
 DMZ3P
 DMZ3Q
 DMZIIP
 DMZIIQ
 DMZPRMN
 DMZPRMP
 MASTER
 o This is the account you get by default you login to your PC with
o Management DMZ

FNBO purchases support with Microsoft. You will need Microsoft Premier Support access.

Regarding our environment, there are several things to look at:

 Versions and Editions of SQL Server we support

 Storage and mount points
 Licensing
o Flexera
o Licensing spreadsheet
 Review basic configuration standards
o Optimize for adhoc workloads
o Cost threshold for parallelism
 Review sp_whoisctive
 Review Ola Hallengren Scripts
 SQL Audit
 TLS (1.2)
o Registry Settings
o Cipher Suites
o Compatible Drivers
 SQL Server Components we have installed and support
o SSRS, SSAS, Database Engine, Power BI Report Server, SSIS, and MDS
 Our installation scripts on the team share have a lot more details in relation to how we
configure servers. It’s recommended you study them.
 Servers
o RDP
o Permissions
o Event Viewer and Perf Mon
o Utilities on servers
 SpaceMonger
o Windows Failover Cluster Manager
 What if a C drives filling up?
o Proper way to delete old profiles
o We should move to involving system administrators
 Database mail and SMTP servers

 Agent Jobs and code we support

o Documentation is in progress
 Patching Process for SQL Server and Windows
 User access and AD integration
  Service accounts and AD integration

VMWare

 Our clusters in each data center

 Snapshots
 Web console
 Tasks and Events
 Performance Monitoring

Backup Solutions:

 Rubrik
o SLAs
 Retention
 Frequency
o VSS and Snapshots
o Reports
o Live Mounts
o Client and configuration
o Refreshing hosts
 Native backup solutions
o System Databases and other exceptions
o KeepUntil folders

Encrypted databases and TDE

 CipherTrust
 Re-encryption of DEK and Data

We have automated a lot of reporting through a custom data collection system. These are the topics
we’ll need to cover in relation to that:

 Data collection
o Main database
o How collection works on each instance
o How data is collected
o Custom tables built around collected data
o Integration with other systems (SCCM)
o Database tagging through extended properties
 SSRS Reports
 o Patching
o Security Audit
o Application/DB lookup
o TDE

Auditing

 What to provide Auditors when requested

 Orphaned Users
 Sys Admin permissions
 Deleted AD Users

Disaster Recovery

 VCDR / VCLR / Live Recovery

 Replication via Read Scale Availability Groups
 Backup and Restore
 DR Sites (Lisle, AWS)

Monitoring and Alerts

 Idera Diagnostics Manager (DM)

o General overview of alerts and navigation
o Putting servers in Maintenance Mode
o Templates
o Alerts
 Agent Job alerts
 Dynatrace
o Response Time vs Query Time

Idera Compliance Manager (CM)

 Client
 Folder on server
 System overview
 DMZ Configuration

Password Vault (CybeArk)

 How to access files

 Standards for account creation
Data Warehouse Environment

 Staging and Integration

 SnowFlake
 ETL Accounts
 Jobs
o FIlenet, Tokenvault
 “Their” Agent Jobs
 Refer to documentation on their server setup
 SSIS Licensing on App Server
 SSAS
 MDS
 Informatica
 “Landing pad”

How servers are provisioned

 Architecture Diagram (website)

 The Form (some exceptions may occur)
o Approvals

Tools we utilize

 SSMS 17-20, VS Community Edition, SQL Sentry Plan Explorer

 Notepad++, WinMerge, Active Directory Users and Computers (RSAT)
 If needed, please consult with management regarding getting UltraEdit for large files
 We presently have Redgate tools, but we are reviewing whether these will be available
o SQL Prompt, SQL Compare, SQL Search

Teams

 Channels and Team Chats

On-Call and After Hours Responsibilities

 Monitoring email
 Response time and responding to pages
 Addressing incoming Service Requests (DATs) and Incidents, and other similar requests
 Current schedule and when we have switched over
 Monitoring active alerts in Idera
  Manual Windows Patching Systems

Other External Systems we use

 DS Info
 Orion – for some network information
 Venafi - Getting SSL Certificates
 Intranet
o Stop Codes
o Cost Centers
 Workday (training)

H drive / OneDrive / Roaming profiles

File Transfer systems

 Axway
 NDM (Stirling Direct Connect)
 Scheduled server (Visual cron)

Applications of interest that we support:

 PRM
o AG, Reporting, Exports, Integrations, Uptime (and communicating downtime)
 Wealth Management
o Agent Jobs
 Windows Failover Clusters
o Cluster Aware Updating
 Agent Job with PS script
 Nautilus
o Restrictions
 SCCM
o Licensing, integration, co-installed
 JSITE

o Archive, Partitioning, Schemas, Import

 VIKING
o Imports and Exports
 Power BI
o Support model
 MDS
 o Support model
 Archive
o Tagging, Rention, Reporting
 R360
o Partitioning, Import
 BIC
o Reporting
 Bancware
o Capital Markets – SSIS import
o Database copying
 Card Wizard
o Uptime
 KnowYourCustomer
o Data import process (geospatial)
 GMS
o Software data replication
 Cardservicing
o Service Requests
 ODS/Web Facing
o CDS

Organization Holiday Freeze of Changes (see schedule in ServiceNow)

Releases, deployments, and anything surrounding changes