The Cloud

The idea of ‘cloud’ computing has been around since the first web based email services but only in the past few years has the term become mainstream.
Here I look into software that runs somewhere other than on your PC.

One of my favourite features of PowerShell is the Invoke-RestMethod cmdlet which (among a great many other things) can download the data from an RSS feed. One application I’ve found for this is to stay on top of security bulletins from organisations like Adobe and Drupal.

However, just downloading the data from the feed and kicking it out in an email isn’t quite good enough for my needs, so the script below gets its data from a CSV which contains the URL of each feed as well as some extra details to inject into any email notification (e.g. a link to the guide on how to deploy Adobe updates).

In my production environment this script creates tickets on a Freshdesk helpdesk to log and manage any new update notifications. In the attached example below the script just fires off email notifications.

Have a look at the screenshot sequence below for more info!

  Get-Rss (4.0 KiB, 142 hits)

Update 09/05/2017 – v0.2 – Now handles XML and Arrays in the link and title objects (good for reddit and blogspot!)
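
The v0.2 problem of title and link values arriving as XML elements or arrays can be handled as in the sketch below. It is an added example, not the Get-Rss script itself; the CSV columns Name, Url and GuideUrl, the feeds.csv file name and the sample entry are assumptions. It also treats feed content as untrusted before it reaches an email or ticket body.

```powershell
# Added example, not the Get-Rss script. CSV columns Name, Url, GuideUrl are assumed.

function ConvertTo-FeedText {
    # title/link may arrive as a string, an XmlElement, or an array of either.
    param($Value)
    foreach ($v in @($Value)) {
        if ($v -is [System.Xml.XmlElement]) {
            if ($v.HasAttribute('href')) {
                # Atom <link href="..."/>: accept rel="alternate" or no rel, skip rel="self" etc.
                if (@('', 'alternate') -contains $v.GetAttribute('rel')) { return $v.GetAttribute('href') }
                continue
            }
            return $v.InnerText.Trim()
        }
        if ($v) { return ([string]$v).Trim() }
    }
}

function ConvertTo-FeedNotice {
    # Feed content is untrusted input: keep only http(s) links and HTML-encode the title
    # before it is placed in an HTML email or ticket body.
    param($Item, $Feed)
    $link = ConvertTo-FeedText $Item.link
    $uri  = $null
    $ok   = [Uri]::TryCreate([string]$link, [UriKind]::Absolute, [ref]$uri) -and
            (@('http', 'https') -contains $uri.Scheme)
    [pscustomobject]@{
        Feed  = $Feed.Name
        Title = [System.Net.WebUtility]::HtmlEncode((ConvertTo-FeedText $Item.title))
        Link  = if ($ok) { $uri.AbsoluteUri } else { $null }
        Guide = $Feed.GuideUrl
    }
}

# Constructed Atom entry: title is an element with an attribute, link is an array of elements.
[xml]$sample = @'
<feed xmlns="http://www.w3.org/2005/Atom"><entry>
  <title type="html">Constructed bulletin &lt;b&gt;1&lt;/b&gt;</title>
  <link rel="self" href="https://feeds.example.org/1"/>
  <link rel="alternate" href="https://www.example.org/bulletin/1"/>
</entry></feed>
'@
$feed = [pscustomobject]@{ Name = 'Example'; Url = 'https://feeds.example.org/'; GuideUrl = 'https://intranet.example.org/guide' }
$sample.feed.entry | ForEach-Object { ConvertTo-FeedNotice $_ $feed }

# Live use with the assumed CSV layout:
# Import-Csv .\feeds.csv | ForEach-Object { $f = $_; Invoke-RestMethod -Uri $f.Url | ForEach-Object { ConvertTo-FeedNotice $_ $f } }
```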

As some readers may know, I currently work in Higher Education, and while all of the business data is trivial to back up, providing any level of backup service to students and academics is significantly harder. The challenges faced include the myriad of Operating Systems in use (Windows/OSX/Linux), the fact that the devices being backed up are inherently ‘untrusted’ (i.e. owned by the individual) and that they are often on networks (be it eduroam/public/home) that have no direct connectivity back to the internal trusted network.

Most enterprise class backup systems just aren’t suited to this kind of environment in that they cannot be securely published through a firewall or have exorbitant licencing costs for the number of devices to be protected (a few file servers vs 500+ student owned laptops).

One solution to this issue cropped up at a recent trade show where Synology were demonstrating their Synology DiskStation Manager NAS software which set itself apart from the traditional enterprise backup solutions with…

  • Support up to 16,000 users on high end models (and 2048 on the kind of model that we would consider using) with no extra licencing costs, users can have storage quotas set either by group or per user
  • Secure remote access (simply publish a single port which can be protected by HTTPS for encryption in transit)
  • Home grown backup clients for modern versions of Windows, OSX/macOS and Linux
  • On the point of OSX/macOS the backup client for Synology does not rely on Time Machine and so overcomes the issues associated with having to be on the same network as your backup device
  • Home grown Btrfs file system which auto detects (and fixes) corrupted files through metadata along with extensive snapshot support
  • Up to 32 recovery points and real-time file protection (when connected to the DiskStation)

So time for some screenshots! Below we have the initial setup of the Disk Station Manager and the installation of the client on a Windows PC.

Then restoring a file that has been deleted on the Windows PC; note that you can restore either individual files or entire folders to a point in time.

The same but for OSX…

So that’s all of the good; the only downside we have found thus far is that, while shared drives can be protected with encryption, it is not possible to protect each individual home area (per user) with a unique encryption key, thus opening up issues with data privacy. However, if you consider the following scenario…

  • A business needs to provide backup to remote workers
    • Those remote workers do not connect to the trusted network often
      • Perhaps they don’t like VPNs/DirectAccess (and so rules out using Offline Files)
    • and those remote workers do not use a commercial ‘cloud’ service to protect their data with
      • Perhaps trusting a 3rd party to host the data is not an option
    • The remote workers use OSX/macOS

…then using a Synology DiskStation should be a serious consideration for that business.

It’s been a day or so since buying a Microsoft Band 2 (took a while to find a high street shop that had one to try on in the first place!) and it’s proving rather useful to me as a person who rarely has his phone turned on loud and really never notices the little vibrations from it. My most recent application of Band 2 has been using it to receive push notifications from PRTG via my Windows Phone.

In all truth if you already have push notifications setup then you are probably already getting the notifications however if you are not keep reading to find out where to check for the right settings…

On the Microsoft Health App/Band Tiles

On the PRTG App

On your PRTG Console

On your Notification Settings

In recent testing with iOS8 (specifically 8.0.2) we’ve discovered that any web application (in particular we’ve got a number of in house applications that were built using Visual Studio Lightswitch 2013) that relies on Windows Authentication (on Microsoft Internet Information Services) simply does not work.

In particular users get to the login prompt screen to enter their username and password and on attempting to login are just presented with the login window again with no apparent error message.

The workaround for now is to use an alternative browser (Chrome works well for us); hopefully Apple will fix this annoyance soon.

A few days ago I saw something on a social networking site about what Pizza would be like if it was a ‘Cloud Service’ – afraid I don’t know who to credit for it so I won’t post it here but I did give into temptation and make my own about Coffee!

So you now have your WebDAV server set up and it’s time to get this out to your users. To help you along, feel free to edit the guides below to your particular requirements.

  Using Cloud - iOS (225.4 KiB, 1,031 hits)

  Using Cloud - Windows Phone (196.8 KiB, 829 hits)

  Using Cloud - Windows XP (157.4 KiB, 819 hits)

  Using Cloud - OSX (193.4 KiB, 850 hits)

  Using Cloud - Windows 7 (149.3 KiB, 958 hits)

  Using Cloud - Windows Vista (166.2 KiB, 750 hits)

  Using Cloud - Windows 8 (327.6 KiB, 825 hits)

  Using Cloud with iWorks - iOS (5.1 MiB, 820 hits)

For further reading take a look at the links below-

In the previous article in this series we looked at the topology needed to setup a WebDAV infrastructure.

I’ll assume that

  • You have a public DNS record which points to an IP address on your firewall which is in turn port forwarding 443 (HTTPS) to your IIS server (this also works through Web Application Proxies like the ones built into Smoothwall firewalls)
  • You have an internal DNS record which points to the network adapter on your IIS server
  • Your IIS server has your paid (and signed) SSL certificate imported

You will also need a few server roles installed on your IIS server (you can do this through Server Manager), these are

  • Web Server (IIS)
  • WebDAV Publishing
  • Basic Authentication
  • Request Filtering
  • HTTP Logging and Logging Tools
  • IIS Management Console (unless you feel like doing everything remotely)

Server setup

So now to the fun bit! Which is all in the screen shot sequence below…

Testing

So you now have your server set up with the basics…so it’s time to do some testing. The screen shot sequence below shows how to connect to the WebDAV share on a Windows 8 PC.

Things you really need to test include
  • Users only have permissions to access the folders you want them to
  • You can upload/download files up to the maximum size you defined earlier
  • That you can access the share from both inside and outside your network
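
Alongside these client-side tests, the server settings can be checked directly on the IIS box. The read-only audit below is an added example, not part of the original guide; the site name 'Default Web Site' is an assumption, and the feature names are the Windows names for the role services listed earlier.

```powershell
# Added example: read-only audit, run elevated on the IIS server. $Site is an assumed name.
Import-Module ServerManager, WebAdministration
$Site = 'Default Web Site'   # assumption: the IIS site publishing the WebDAV share
$Path = "IIS:\Sites\$Site"

# The role services from the list in this article, by Windows feature name
$roles = 'Web-Server', 'Web-DAV-Publishing', 'Web-Basic-Auth', 'Web-Filtering',
         'Web-Http-Logging', 'Web-Log-Libraries', 'Web-Mgmt-Console'
$missing = @(Get-WindowsFeature -Name $roles | Where-Object { -not $_.Installed })

function Get-IisValue {
    # An attribute may come back as a raw value or as an object with a Value property
    param([string]$Filter, [string]$Name)
    $p = Get-WebConfigurationProperty -PSPath $Path -Filter $Filter -Name $Name
    if ($null -ne $p -and $p.PSObject.Properties['Value']) { $p.Value } else { $p }
}

$sec = 'system.webServer/security'
$report = [pscustomobject]@{
    MissingRoles   = $missing.Name -join ', '
    BasicAuth      = Get-IisValue "$sec/authentication/basicAuthentication" 'enabled'
    AnonymousAuth  = Get-IisValue "$sec/authentication/anonymousAuthentication" 'enabled'
    SslFlags       = [string](Get-IisValue "$sec/access" 'sslFlags')
    DavRequireSsl  = Get-IisValue 'system.webServer/webdav/authoring' 'requireSsl'
    MaxUploadBytes = Get-IisValue "$sec/requestFiltering/requestLimits" 'maxAllowedContentLength'
}
$report

# Basic authentication sends the password base64-encoded, so it must only be reachable over HTTPS
if ($report.BasicAuth -and $report.SslFlags -notmatch '\bSsl\b') {
    Write-Warning "Basic authentication is enabled on '$Site' but SSL is not required."
}
if ($report.AnonymousAuth) { Write-Warning "Anonymous authentication is enabled on '$Site'." }
if ($missing) { Write-Warning "Role services not installed: $($report.MissingRoles)" }
```

MaxUploadBytes should match the maximum file size you chose during setup.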

Next time

In the next part you can get some example user guides that I have made for my own implementation as well as some links to further reading.

Every once in a while a magical bit of software comes along that makes life so very good; today that software is WebDAV and it’s been around so long that some people might have forgotten how good it is.

The premise goes
  • You have one or more internal Windows Server(s) which hosts users personal documents and shared drives
  • You would like your users to access these files on any device ranging from their home PC (running say Windows 7) to their personal mobile devices (iPad)
  • You would like your users to access these files both inside and outside the firewall
  • You would like your users to access these files natively (like a mapped drive) so they don’t have to muck around with web based applications
  • You would like your users to be able to use this service with as little configuration on their part as possible
  • All while maintaining a secure and auditable system

To accomplish this you will need a few things
  • A valid paid for SSL certificate (don’t ever think you can get away with a self signed one) – personally I use a GoDaddy wildcard certificate
  • A spare Internet Information Services (IIS) Server to host the WebDAV service on
  • Depending on how things go 20 minutes

Topology

The basic topology is that your clients point their WebDAV client at a DNS address which is mapped to an IP address which is port forwarded through your firewall to your IIS server, which then serves requests to your file servers (clients don’t get to talk to the file servers directly). Don’t forget to set up your internal DNS to point to the internal network adapter of your IIS server as well.

Next time

In the next article I’ll run through the setup of a WebDAV server.

A press release today from AMD (AMD Launches New Platform for Dedicated Web Hosting Providers) seems all too convenient after AMD’s recent purchase of SeaMicro.

The basics of it all goes that AMD now has a server class processor with a low power consumption, high core count that fits in a desktop class motherboard all of which is perfect for so called ‘cloud’ computing – specifically in the area of web hosting which requires ultra high density processing (fitting as many processors in a small amount of space).
For a little while now one of the key players in this arena has been SeaMicro with its Intel Atom powered servers (yes the same kind of processor that you might find in a netbook).
Of course now that SeaMicro is part of AMD it wouldn’t be seemly for them to continue to use Intel processors (AMD’s rival) – thus AMD steps in with the 3200 series.

It’s all just a little observation but I wouldn’t mind betting AMD has pushed this processor through the R&D guys fast to get it on the shelves and used in their new SeaMicro servers.

From a different perspective, with its desktop style AM3+ socket I could certainly see this CPU coming into use with projects such as my recent storage server construction, where a high volume of storage (and not processing power) is required, though it would still be nice to have a decent low power server class CPU ticking the whole thing over.