July 10, 2014 | Written by: Wolfgang Kulhanek
Share this post:
Congratulations! You just created your account for SoftLayer, an IBM company, and you now have access to the premier cloud platform from IBM.
Now that you have received your login credentials, there are a few things that you should consider before you start creating servers and other services. Most have to do with the security of your account, so it is best to think about these earlier rather than later. Here are some of the immediate tasks I’d recommend:
Create an administrator account
When you are looking at the SoftLayer login portal it is tempting to use the initial credentials and immediately start creating servers, storage and other services. The first thing you should do, however, is to change your password and create a master admin account. You should never log in with the original master account—that password should be in a safe somewhere, for use only as a last resort.
The very first time you log in, use your original credentials to get into the SoftLayer portal. You will find the User Management section on the right-hand side under Account. Just click on Users and when there click Add User in the top right corner.
Once you have created a new user give this user only the necessary privileges that the ID needs to perform daily tasks. Once you create your personal master administrative account, log out of the portal and log back in with your newly created account. From now on you should not need the original master account.
(Related: Creating your first virtual server in SoftLayer—a three-part series)
Set up additional User IDs
As a next step you may even think about creating multiple administrative user IDs for different tasks. For example, you could have one user ID just for accounting purposes. No other user ID would then need access to the accounting screens. SoftLayer’s very granular privileges make this kind of setup really easy.
Then spend a little time thinking about which user IDs you as the main administrator of the SoftLayer account will need and why.
At the same time think about your other users. Which privileges will they need? Who should be able to do what? Which user ID will be used for application programming interface (API) access?
I strongly suggest that you create a spreadsheet with all user IDs and their authorizations before you start creating actual user IDs.
Understand SoftLayer security
Make sure you understand SoftLayer basic security. There are a few articles on the SoftLayer blog that are well worth reading. Some topics you may want to consider are:
• What kind of firewall do you need? (You are setting up firewalls, right?!?) Will the basic SoftLayer shared hardware firewall be sufficient? It might be initially. Or will you need to set up a Vyatta Gateway appliance to manage your firewalls and other security services yourself?
• Which and how many virtual local area networks (VLANs) do you need? How will you separate them? Will they have firewalls between them?
• Which servers need access to the public network? Which servers only need access to the private and management network?
• Think about accessing your systems that are not connected to the public network. You will need the management virtual private network (VPN) for that. Are you going to create separate user IDs for accessing these systems? Or are you granting VPN access to some of your administrative users?
• What is your update strategy for the server operating system and applications?
• What is your policy or requirement on encrypting data in rest? Think about which disks and file systems you will need and consider the encryption options.
Get ready to deploy
Before you start requesting servers and resources, think about where you would want them. A unique benefit of SoftLayer is that every single data center in the world offers exactly the same services as every other data center. So you have full freedom to place your servers, storage, object storage and so on wherever you want within the SoftLayer infrastructure. Here are a few things to think about:
• Do you have data residency considerations that would require picking a particular country or data center?
• Do you have disaster recovery options that you will need to consider?
• Will you have to set up identical sites in different locations?
• Will you need local or global load balancing?
• What is your backup strategy?
• Which site is closest to your customers?
Hopefully after reading this article your understanding of what it takes to set up a SoftLayer account is a little bit clearer. You now know that there is a bit more involved than just taking the supplied credentials, logging into your account and starting to create services.
Quite a few of the recommendations above are somewhat obvious once you read them, but you’d be surprised how many clients I have found that had not initially followed this advice. All of the recommendations can all be applied at some later point in the life of the account. But it certainly makes it a lot easier to set up the account correctly in the first place.
For those of you already on SoftLayer, are there any other tasks that a user should consider after getting a new account? Please add your experiences to the comments below.
For more information please visit the SoftLayer website or contact me on Twitter at @wkulhanek.