I had a client who recently moved to a new location. A partial move to the cloud was performed a couple of years ago with the establishment of Google Apps for work account. This rendered the SBS2003 nearly redundant. Its only remaining function was domain services and file and print services. They have also for the past few years only had one computer with the rest of the employees being either remote or always out in the field. This necessitated a move from the large cart-based tower server system to something more akin to the single user workstation that is on now.
I hear the “move that person to the cloud” mantra all the time. The cloud cannot provide the following:
1. reliable offline access in the event of an Internet outage
2. Proper control over the data and access control.
3. Proper data security from unauthorized remote access.
4. Certainty of chin of control of important business data
5. quick ROI instead of a constant drain on finances.
This is just a partial list. Now there are some files that are on their Google drive(via their Google apps for work) and that is the testing files for the field tech’s alarm panel programming. The critical data for the operation of the business however are locally stored. Now for the picture of the new setup:
This is on top of a cabinet in the supply closet. starting from left and the top:
1. APC 550va UPS
2. Synology ds414Slim NAS.
3. Motorola sb6121 cable modem
4. Sophos SG105 UTM appliance
5. Dell Powerconnect 10/100 FE
6. Ubiquiti Networks Unifi AP
This replaces full rack of gear from nearly 10 years ago. The office runs off the wifi point at WIFI “N” speeds. The ds414 has 4 x 1TB hard drives in RAID 6 redundancy for a total storage capacity of 2 TB. If needed the drives can be sequentially swapped out with 4 x 4TB drives for more storage later on. Backups are provided by Idrive.com on a nightly basis. The SG105 provides edge network security via dual-engine a/v scanning, content filtering, application awareness and control, Intrusion prevention, and Advanced Threat Protection. This also acts as an ssl vpn concentrator for remote access to the workstation being protected. Endpoint a/v is provided by trend micro. Since this is a single workstation Domain services locally are no longer required. Print services were moved to the local machine to directly interface with the internal printers. Authentication is handled by the NAS for file access and security. The only ongoing expenses are the Sophos firewall for security and the idrive.com for backups. There are no ongoing expenses for the rest of the network. If you have any questions feel free to contact me.