Servers

A good server naming convention eases IT workload

Frisky? DC1? Bozo? Pluto? ESX1? These are all server names. Which ones make the most sense? Scott Lowe talks about server naming.

When it comes time to name servers, every organization has their own way -- or lack thereof -- of handling the task. Early on in my IT career, I remember seeing servers in all kinds of places named things like Spock, Kirk, Neptune, Pluto, and Venus. It was obvious that these organizations decided to standardize their server names on Star Trek and the planets -- back when Pluto was still a planet, of course. 

When I was a systems engineer for Thomson Financial, we had two server naming conventions: UNIX servers were named after global currencies, while the servers on the Windows side of the house were named after various presidential pets. In the case of the Windows servers, my boss wanted a server naming convention that was at least somewhat scalable to a few dozen servers while also being somewhat obscure.

There was a day in which "security through obscurity" ruled the roost when it came to naming servers (this is still the case in many places). In these instances, the server name was completely decoupled from the server's role.  As you can tell from my Thomson Financial server naming convention, that organization felt that naming servers with names that had nothing to do with the server's role assisted in helping to secure the environment. At that time and in that environment, this outlook certainly made sense, particularly given the fact that we weren't running a firewall at the front end of the network. (For the record, it was 2001, and the exclusion of a firewall was a decision that was made by people well above my pay grade.)

I understand the security through obscurity argument that's commonly made when it comes to randomizing server names. The general thought is that tying a server name to a function gives an attacker one more bit of information that could be used to refine or target an attack at a specific service.

Although I I understand the argument, in the kind of environment I work in now, I don't agree with it. I believe that the additional administrative difficulty that is introduced with random names is not worth the semblance of security that is achieved. I'd much rather see IT not have to refer to a server index when it comes time to do work. For example, suppose someone is having a problem with Microsoft Exchange. Is her mailbox housed on Frisco, or is it housed on Turtle?  Obviously, over time, administrators will learn which servers do what, but this also extends the training period for new administrators.

I much prefer server naming conventions based on the role of the system. Boring? Yes. Functional? Yes. Some of our server names at Westminster include ESX1, ESX2, Mail1, DC1, and so forth. Sure, an argument could be made that we still don't know which server houses a particular user's mailbox, but at least we know where to start looking when we have to track down a problem.

Naming conventions on campus aren't limited to servers. We've recently moved to a new print server and, at the same time, moved to a common convention for our printers. Our next target is desktops.  As IT team members have come and gone, we've run the gamut of desktop naming conventions, and every single one of them are in use to this day. Can I tell you how difficult it is to understand what's actually out there when we're using something like four naming conventions? It's time to tighten that up. This has truly come to light as we've begun to deploy System Center Configuration Manager, which is very client-focused. The goal is to build SCCM collections that include, for example, computers that reside in the Business Office. When you have a bunch of naming conventions (which really means you have no naming convention), it's really difficult to figure out which machines are which.

Good naming conventions aren't just for IT, either. Users benefit from consistency. For example, we seriously simplified the process for connecting to a new printer on campus. Now, the printer directory actually makes sense. It's reduced printer-related support calls to the help desk, too.

As for Westminster, we're making progress on this front and will continue to do so. As we retire servers, the replacements come in with names that match our current naming convention, and life is just easier all around.

Related resources

Want to keep up with Scott Lowe's posts on TechRepublic?

About

Since 1994, Scott Lowe has been providing technology solutions to a variety of organizations. After spending 10 years in multiple CIO roles, Scott is now an independent consultant, blogger, author, owner of The 1610 Group, and a Senior IT Executive w...

11 comments
sreid08
sreid08

After living with a server that was DEATHLY SLOW ... when I finally got approval to buy a new server that was faster than ANYTHING we had in house at the time - I named it SherrisBitchinServer !!

Deadly Ernest
Deadly Ernest

Have naming conventions that don't immediately say what they are, but when thought about within the corporate naming convention, they do because various types have a theme going through them. Some more obvious examples would be to have mail servers named for past Post Master Generals, sort of thing. One place I mentioned this ended up with a bunch of servers named Bastard, Rough Cut, Smooth, 2nd Cut, Nail - all were file servers and those are types of files. Initial looks mean nothing, but a bit of thought does.

Kam Guerra
Kam Guerra

I've used the 3 Chipmunks (then added the females when we got more servers), the 7 Drawfs, Teenage Mutant Ninja Turtles, most of the cast for Lord of the Rings - stuff that made sense.

luisguerrero
luisguerrero

12 digits will be fine for a tiny size or a world wide IT enviroment. i do name both server, printers, laptops & desktop using a 12 digit name. first two: country 3 more for: State or branch office 1 digit: " - "for Laptops, desktop or printers. else we ommit the " - " like servers then 6 digit to give an incremental number Mine is this: MXTLA-000255: Mexico, Tlalnepantla, Machine 255 (or EVEN BEST: Mexico-TLA user: 255 it will help your accounting department) each of us have a "nomina" number. for servers it works sorta same like this: MXTLASERVER5: Mexico, Tlalnepantla, Server05 MXPOLFILES01: Mexico, Polanco, File Server 01 USTEXMAIL001: USA, Texas, MAIL 1 Server Also our PDC is: USNOCCHIEF0 BDC1: USNOCCHIEF1 BDC2: USNOCCHIEF2 so on.. PRINTERS: MXTLA-MULTI1 MXTLA-FAX222 and yes... you are right, so many users will have more than 1 machine, so you just simply can add a letter: My desktop is MXTLA-000255, so my laptop will be: MXTLA-000255A i havent meet anybody who owns more than 32 machines (not at enterprise); want to replace their original machine for a brand new one, SWEET!! format the new one, install OS create the name of machine at DC and just put an X after the name; recieve the old one, migrate filesm, erase the machine name at DC and rename the new one to the original name. So simple.. (not much... LOL)

ca_tron
ca_tron

We recently changed our computer naming convention (the 3 that we had in place) to either a D (for desktop) or L (for laptop) followed by a 15 character service tag (if the service tag is not 15 characters, 0s are placed before the tag). This has allowed us to streamline our Help desk calls sice we can now look up the computer information on th Dell website without having the user pull the computer out to try to find the service tag number. We have found that this has dramatically reduced the time it takes to resolve an issue.

david.valdez
david.valdez

After a bit of discussion, we elected to use names that include region/location,dash, purpose/role, and a number to indicate if there's more than one of that role. We have regions AND sites, so you can quickly look at the first three letters of the name to know the region/site. The next set of letters is standardized, but free-form in that it doesn't require fitting a certain number of characters. For example, if we had an email server located in a collocation facility called ViaWest, we might have a server named VIA-Exchange-01. While it's not the long lost and lamented Cow and Elk servers I recall from my misspent youth at Intel, it does make everything machine and humanly parsable. I've got a good crew when it comes to things like that. =)

ricardoc
ricardoc

What happens if you move something? I know server don't move, but laptops, printer and desktops do, at least where I work. I work with an electrical contractor and desktops and laptops move every time a job is finished and another is started. Even servers (small remote ones) move. I've been using a scheme with a 3 letters for the CPU model followed by the month/year and a two digits consecutive for the year (we don't buy more than 99 computers in a year. I don't like this model but I can't come up with anything better, especially since attaining the computer name to a location is impossible for me. Any ideas are welcome :-) Thanks,

davidt
davidt

Being a Dell/Microsoft shop, I wished I had hit on that Desktop-Laptop naming convention long ago. I had already incorporated operating systems and roles into the computer name, but the service tag would have been a great addition

kmdennis
kmdennis

I remember some applications using SQL would not play well with a dash in the server name. Ever since, i have avoided the use of special characters in computer names.

bradcoll
bradcoll

I have been doing this for years, and I use a similar principle but keep them short and easy to remember (cuts down on training time) XXXEEE99 is the format I use, XXX = site name (if multiple sites) or company abbreviaiton eg: SYD for Sydney or WST for Western Corporation EEE = server purpose eg: PRT for Print Server, FS for File Server - (this is not strictly limited to 3 letters, it can be more or less but I do prefer to keep it around 3) then of course 99 = a number to indicate how many you have, starting at 01 and going up from there of course. so in the end you have servers called : WSTFS01 for the file server WSTPRT01 for the print server WSTPRT02 for an additional print server all easy to remember and yet desciptive of their purpose

kmdennis
kmdennis

But for the most part, an attacker will be running some kind of network scanning software which will tell what type of machine it is. So I don't see how the naming would help secure anything. But I guess if the potential attacker was just going to look for a name that indicates the machine type then it would delay him somewhat. I have worked in companies that named computers based on the username, but that works fine in companies with a small number of computers. It is not the best but it works. If I had to do it for a large company with computers spread over a large area (the whole USA or International), I would use a naming convention which would indicate the Country/State|Role/Type|Dept/Location|# For example: TXDSKFINFL1 - Texas Desktop Finance Fisrt Floor. It definitely helps when you have an idea of the location of these computers. In the case of Servers you could use the role to simplify things.