IT Infrastructure --- “least cost spending”
I have over the years found ways of doing things that cost very little or in some cases nothing. Yes there are downsides to “free” but its not always bad news.
Here is a list of things that can be done for a small company that will give you the feeling of a big solution.
Connectivity, we all need it and with the advent of fibre everywhere it’s a must have. How do you terminate your fibre to the home/business? The option of the cheap and nasty router is there but in the end its still just cheap and nasty.
I have found PFSense to be a fantastic solution, it’s a state-full firewall and can handle as much as you can throw at it. All you need is an old-ish PC with two network cards and you are good to go. It can do all the functions you would expect from an enterprise class firewall for the cost of ZERO.
If you wanted alternative hardware, you can buy one of those fan-less PC’s from China, they will cost you about 100 USD, comes with 2 LAN ports, a few USB and HDMI, it runs off onboard flash and runs PFSense perfectly.
If that is still not what you want then scrounge around few an old Riverbed appliance, re-flash it with PFSense, sadly it will only run the 32 bit version but it will run it very well.
PFSense can run in a HA configuration, so get two Riverbed Appliances and suddenly you have some redundancy, add a second link and you have an enterprise solution.
The firewall can do anything that an enterprise solution will do; site to site VPN, PPTP VPN, routing, policy routing, NAT, GEO IP blocking, proxy….. and more..
Yes, there are more free version around, I think they spilt off PFSense and created OpenSense at some point but since I was around from the initial stages of PFSense I have always just stuck with it. After all, if it works, why change it…
Monitoring, this is another essential requirement no matter how big or small your organization. A good monitoring system will be able to alert you of things as soon as they happen or in some cases before they happen. I use PRTG for all my monitoring requirements; the really great thing is that for a small organization you can get away with the “free” version. This is a full running version that is limited to 100 sensors. In a small business that is enough to monitor quite a lot of things.
You can monitor via SNMP and/or WMI which gives you insight into your connectivity devices and Windows servers. You can track things like disk space use get alerts generated long before the disk runs full.
Historical graphs can be viewed and netflows can be checked all giving you enough information to know what is happening on your servers, hosts and network.
Server Platform, in the past it was standard practice for a small company to have a glorified PC running the local copy of Pastel accounting or payroll, then someone had a PC that doubled up as a “ Data server”. Backups were problematic and in the end you had multiple copies of data all over the place. With the advent of VMware most corporates have moved off and gone the VMWare route leaving the smaller companies wondering what now?
Well, thankfully this has changed too, VMWare is available to the small business in the form of a “free” version. (has actually been for a while already) It’s a working version of the platform with some limitations, but the limitations are all the things that a corporate would require.
For a small company the free version is a perfect platform to host the accounting or payroll system and any company data. The limitations are along the lines of clustering and HA.
…. Then there is the question of backups…. This is one of the limitations of the free version, if you wanted to use something like Backup Exec or Veeam you will be stopped short because the free version will not support it.
Having said that, there is a free version of Veeam but it will not run on the free VMWare, so you either need a licensed VMWare platform or a different product.
Backup software, and there just had to be one, there is a product called Unitrends that has an appliance that worked perfectly with the Free VMWare.
Of course it’s a “free” version of Unitrends too and the limitation is 2 TB of backup data. Most small companies do not backup more than a few hundred megabytes per night. The software runs as a VM on your VMWare platform, it will send you reports based on your settings, restores are quick and painless, it support files based restores or bare metal restores. You can do a backup to NAS or local disk or you can backup to local disk and do a replicate to NAS.
Wifi, we all need managed wifi connectivity and there is no other option for corporate or small business as far as I can see. Ubiquity have a fantastic selection of products, their Unify solution is great. The Access points come in 2.4 / 5 GHz models but the best thing is, free from their website is the Unify controller that will tie all the access points together. You can create a closed network and a guest network, limit use and access and have full visibility of it, all for the cost of the Access points. The controller can run as a small VMWare appliance as a linux machine meaning you don't need a Windows licence for the host.
There are a host of IT things that you can get for free, having a VMWare platform means its even easier to spin up a Linux appliance to run something, the possibilities are endless, you just need some inspiration....
Here is a list of things that can be done for a small company that will give you the feeling of a big solution.
Connectivity, we all need it and with the advent of fibre everywhere it’s a must have. How do you terminate your fibre to the home/business? The option of the cheap and nasty router is there but in the end its still just cheap and nasty.
I have found PFSense to be a fantastic solution, it’s a state-full firewall and can handle as much as you can throw at it. All you need is an old-ish PC with two network cards and you are good to go. It can do all the functions you would expect from an enterprise class firewall for the cost of ZERO.
If you wanted alternative hardware, you can buy one of those fan-less PC’s from China, they will cost you about 100 USD, comes with 2 LAN ports, a few USB and HDMI, it runs off onboard flash and runs PFSense perfectly.
If that is still not what you want then scrounge around few an old Riverbed appliance, re-flash it with PFSense, sadly it will only run the 32 bit version but it will run it very well.
PFSense can run in a HA configuration, so get two Riverbed Appliances and suddenly you have some redundancy, add a second link and you have an enterprise solution.
The firewall can do anything that an enterprise solution will do; site to site VPN, PPTP VPN, routing, policy routing, NAT, GEO IP blocking, proxy….. and more..
Yes, there are more free version around, I think they spilt off PFSense and created OpenSense at some point but since I was around from the initial stages of PFSense I have always just stuck with it. After all, if it works, why change it…
Monitoring, this is another essential requirement no matter how big or small your organization. A good monitoring system will be able to alert you of things as soon as they happen or in some cases before they happen. I use PRTG for all my monitoring requirements; the really great thing is that for a small organization you can get away with the “free” version. This is a full running version that is limited to 100 sensors. In a small business that is enough to monitor quite a lot of things.
You can monitor via SNMP and/or WMI which gives you insight into your connectivity devices and Windows servers. You can track things like disk space use get alerts generated long before the disk runs full.
Historical graphs can be viewed and netflows can be checked all giving you enough information to know what is happening on your servers, hosts and network.
Server Platform, in the past it was standard practice for a small company to have a glorified PC running the local copy of Pastel accounting or payroll, then someone had a PC that doubled up as a “ Data server”. Backups were problematic and in the end you had multiple copies of data all over the place. With the advent of VMware most corporates have moved off and gone the VMWare route leaving the smaller companies wondering what now?
Well, thankfully this has changed too, VMWare is available to the small business in the form of a “free” version. (has actually been for a while already) It’s a working version of the platform with some limitations, but the limitations are all the things that a corporate would require.
For a small company the free version is a perfect platform to host the accounting or payroll system and any company data. The limitations are along the lines of clustering and HA.
…. Then there is the question of backups…. This is one of the limitations of the free version, if you wanted to use something like Backup Exec or Veeam you will be stopped short because the free version will not support it.
Having said that, there is a free version of Veeam but it will not run on the free VMWare, so you either need a licensed VMWare platform or a different product.
Backup software, and there just had to be one, there is a product called Unitrends that has an appliance that worked perfectly with the Free VMWare.
Of course it’s a “free” version of Unitrends too and the limitation is 2 TB of backup data. Most small companies do not backup more than a few hundred megabytes per night. The software runs as a VM on your VMWare platform, it will send you reports based on your settings, restores are quick and painless, it support files based restores or bare metal restores. You can do a backup to NAS or local disk or you can backup to local disk and do a replicate to NAS.
Wifi, we all need managed wifi connectivity and there is no other option for corporate or small business as far as I can see. Ubiquity have a fantastic selection of products, their Unify solution is great. The Access points come in 2.4 / 5 GHz models but the best thing is, free from their website is the Unify controller that will tie all the access points together. You can create a closed network and a guest network, limit use and access and have full visibility of it, all for the cost of the Access points. The controller can run as a small VMWare appliance as a linux machine meaning you don't need a Windows licence for the host.
There are a host of IT things that you can get for free, having a VMWare platform means its even easier to spin up a Linux appliance to run something, the possibilities are endless, you just need some inspiration....
