I started with a new company and they want to bring their IT Infrastructure back in house from the MSP they are using. What’s the best procedure to do this and what’s a good management platform to use to manage these devices?

48 Spice ups

I’m not sure how large your company is, but I would plan this out with checkpoints. You have to figure out at each checkpoint - what’s your disaster recovery plan, warranty, repair, etc. How are you going to get stuff fixed when it breaks? Who is in charge of what? And the biggest point, what is the cost?

13 Spice ups

I am just about 90% finished this journey. It is tiring, to say the least. I was left with an outdated password list and little to no documentation.

  • Get every piece of documentation. Every. Piece. Even if it seems irrelevant at the time,

  • Get a contact from the MSP that you can contact directly to ask questions. You will have many,

  • It takes about 18 months to figure out all things that have been done to your network. You must go through this cycle with an eye to what is affected, what needs to be changed and how best to change it,

  • Have a plan,

  • Document this info yourself.

  • Pray to whichever God/Deity/Idol/Object you subscribe to. You’ll need it.

Good luck. We’re pullin’ for you.

29 Spice ups

Thanks for the information.

1 Spice up

They are also running VMware. These are the questions I asked the MSP.

  • Number Of Locations

      ◦ 6

  • What Hypervisor are you using?

      ◦ VMware

  • How many hosts are being used?

  • How much storage does each location have?

  • How many physical and/or virtual servers do you have?

  • Do you have any resources in the cloud?

  • What is the age of your infrastructure?

  • Do you have any expected growth to the workloads you are currently running?

  • What are your critical applications and workloads?

  • Do you have a backup solution in place?

  • If so, what solution are you using?

  • Do you have any disaster recovery plans or systems in place?

1 Spice up

Good luck getting much help from the MSP, they are losing a customer, and in many cases, will be less and less willing to help someone who is about to stop paying. You have some great advice above. Lots will depend on your resources available for the task, how much down time you will be allowed, how large the org is etc.

Personally I would plan it out like it is a new company (why inherit their MSP garbage).

Fire up your own network, your own cluster(s), etc. Get all of that working and documented, then you can start looking at where their stuff fits in and where it does not. Trying to swallow the whole pie at once is a tall order. I like to break it all down.

Best of luck and when you are done, please come back and tell us how it went! Then someone else can learn from your experience.

16 Spice ups

Here are a couple of points I thought of for you:

  1. Networking: This is just another perspective you might overlook, but if you are planning to pull your infrastructure back in make sure you or someone on your team has a solid set of networking (Cisco, etc) knowledge. Running VMWare is one thing, but ensuring that it all communicates properly and efficiently is another.

Perhaps ask them for a networking map to show you what subnets they use, DMZs or anything else networking related that they may be able to tell you.

  2. Servers: How many servers is this MSP hosting for your company? Is it possible to VMotion from their site to your newly acquired VM environment?

  3. Applications: What applications are hosted on this server? Is there any documentation on these applications such as firewall rules (ports)? Do any of the applications require specific hardware or Operating Systems to run?

8 Spice ups

Try RVTools for VMWare inventory.

5 Spice ups

I would echo the advice to treat this as if you were setting this up for a new company…if you have time and if your bosses will accept the likelihood that some things will change. If your mandate is to keep things as they are then I would suggest you start asking for documentation, diagrams, etc. before you tell them you are leaving. Seeing what’s available will give you an idea as to how long this transition will take. You can request it under the guise of vendor management. Good luck.

3 Spice ups

Ok. I have 2 technicians and most devices are located on site at our 6 locations. I’m thinking of hiring a Network Engineer once I have all the documentation. Both guys can do server work.

1 Spice up

Speaking only from my own experience with MSPs, you need to start stalking the CEO for compromising information to blackmail them with or you will never get all of the answers you need, let alone want. (This was intended as a joke and not actual advice. Do not do this, it is illegal in most jurisdictions.)
I’m 3 months into a company in the same boat as you. Honestly you are better off doing your own leg work and saving your money and energy for strong arming the Admin accounts out of the MSP. If you can get those you should be able to sort out the rest.
I love opportunities like this because it’s the IT equivalent of restoring that Classic Car.

7 Spice ups

It looks like cost will not be an issue. How many machines / users total? You have 6 locations and 2 techs? I am jealous. We have 50 locations, 800 client users and there are 2 of us managing the entire thing. Some servers are on premise while others are SaaS.

7 Spice ups

Is there a way to award you “overworked” points? Goodness gracious. I bow in homage to that.

3 Spice ups

Having not gone through this before, I’m thinking a few steps further back than some of the others here. My first question:

  1. Does your company own anything other than raw data that the MSP managed? (ie: Do you own your VMWare & MS Server licenses?)

What your company owns vs. what the MSP owns, I think, should set a tone for what the best/easiest/most cost effective way to proceed might be.

If your company owns your VMWare License and such, then it should be “relatively” easy to move the virtual servers from the MSP’s hardware to yours (thus keeping AD, DHCP, DNS, etc… intact).

If you don’t own much of anything, then it would likely be best/easiest/most cost effective to start from scratch like you’re setting up a new company (as others have said).

Good Luck

3 Spice ups

A smart service provider does not impede, they assist. The hope would be that the customer tries bringing it in-house, realizes it’s not as easy, and a year or two later comes crawling back remembering how helpful you were. Just like leaving a position to go somewhere else, don’t burn bridges. With that said, many service providers are not smart, and tend to be short sighted.

19 years ago when I took this position, the financial controller was running IT and leaned heavily on an MSP. The MSP had the keys to the kingdom and would basically handle everything. I was hired on to change that and bring it in-house. Unless there are hostilities already present, there shouldn’t be an issue. Be honest with them on what you are doing, work with them closely, document everything, and make sure you take over backups first so you can restore quickly if a handoff doesn’t go smoothly. If there are hostilities already present, then your organization may need to get a lawyer to keep pressure on them to keep them honest as you move forward. As you progress, don’t forget to check the permissions in systems to ensure they are being removed. A good MSP won’t take advantage, but always best to remove temptation as you move along. If removing the permission breaks something, then that adds to your documentation as you figure out the why it broke and how to fix it.

4 Spice ups

I would check your contracts as well that you have with the MSP to see what may be defined in the case of services ending and what they are obligated to provide you.

I am confused, is this all infra you already host and own? Or you are using an MSP and they are hosting your apps and services on their own infrastructure?

If you already own the 6 locations and all the hardware, then this becomes an offboarding process of the MSP, which means a security audit, offboarding MSP users, changing ALL passwords for ALL accounts on everything, and locking down firewalls, removing VPNs, tunnels, anything like that…

Clarify this and I can provide better info. As noted above me, there are good MSPs out there who will make this as easy as possible for you, so in the future they are on your top list.

Also curious to ask, why are you bringing things back in house? You have 2 techs, do they have the expertise from networking to virtualization to application to cyber security? Because most do not, even though we all think we can do it all (I used to be a 1 man IT show, and now I work for an MSP, so I have been on all ends of it).

4 Spice ups

Started down this path with a previous company, and realised that what they wanted to do was going to result in a huge bottleneck, that being the company internet connection. Their current setup utilised hosted SQL and M365 through their MSP and minimal infrastructure ( network switches, router, in house AD, DNS, DHCP server), even their phones were hosted Telstra services. What the accountant and IT manager saw was the reduced monthly cost however when we looked at the additional hardware costs and licensing it was about even. The bonus for me as the only IT tech was that with the MSP there was a backstop when I went on leave or was unavailable.

In the end I left (and went over to the Dark side, I joined an MSP) before it got past the planning stage. By that time, I think I had made the management realise that changing from the MSP was not as simple as turning stuff off at the MSP and having their own hardware in house.

2 Spice ups

Hey Op

A good way to bring the IT back in house, if you have the budget and manpower, is to look into implementing an RMM to help with management of all your devices, be they PCs, servers or routers. RMMs are used by both MSPs and in-house IT departments, and some platforms are made for these two sectors. They help you basically keep a steady head above water when managing devices and provide a bunch of tools to help you, like remote deploy, patch management, automation and network monitoring. Pulseway is a solid option to look into as we essentially aim to help the user excel at their job and make their life easier.

Check out Pulseway HERE if you’re interested and if you have any questions please let me know!

Get an RVTools export of the VMWare infrastructure, and screenshots of the license files

1 Spice up

My manager wanted to bring it back in house. I think the MSP was a good ideal for what they are paid to do.

1 Spice up