Legal Services National Technology Assistance Project (www.lsntap.org)
Networking Roundtable: A Look at Operating Systems. How to Make Best Decisions
Presenters: Steve Gray, Legal Services of South Central Michigan; Ken Montenegro, Asian Pacific American Legal Center; Michael Bowen, Community Legal Services, Philadelphia
Overview of Session: Components & Definitions; Choosing a Network Operating System (Linux, Microsoft, Netware; what goes into the decision); Connecting and Providing Remote Access; Trainers Plugs -- Resources
How Many of You… (Using the QuickPoll (green or red X):) Administer your own network? Pay outside consultants to administer your network? Have other paid staff to administer your network? Other scenario? (write in chat)
Part I: Components & Definitions Desktop and Laptops (This can be a stand alone computer or thin client.) Server Gateway Firewall Remote Access Network Connections Network Operating System
Definitions: Server A computer system in a network that is shared by multiple users. Local LAN servers (file servers). Servers can also host: web sites and intranets, case management, lists, back-ups, other databases.
Definitions: Gateway A device that acts as a go-between for two or more networks that use the same protocols. In this case, the gateway functions as an entry/exit point to the network. Transport protocol conversion may not be required, but some form of processing is typically performed.
Definitions: Firewall Firewall - allows or blocks traffic into and out of a private network or the user's computer. Firewalls are widely used to give users secure access to the Internet as well as to separate a program's public web server from its internal network.
Definitions: Remote Access Using a computer to access resources that are in a different location or office. Generally refers to users located outside the office, accessing resources either via a private line (modem or a T-1) or a public connection such as the Internet.
Definitions: Network Connections LAN: 1. Ethernet (10/100) 2. Wireless (A/B/G) Internet: 1. Broadband (cable or DSL) 2. Frame Relay 3. T1 and Fractional Between LANs: 1. WAN - two or more LANs connected.
Definitions: Network Operating Systems An operating system that is designed for network use. A network ready OS manages concurrent requests from clients and provides the security necessary in a multi-user environment. A file sharing component is installed in each client machine that interacts with the server to share files and applications as well as network devices such as printers, faxes and modems.
Part II: Choosing a Network Operating System QuickPoll & Annotations: What Operating System do you use? (annotate document) Are you certified in any operating system? (Y/N) Which ones (Novell, Microsoft, Linux -- annotate document)
A Network Tale: Two Legal Aid Programs What they run in their programs? Why they run them in their programs? What they wish were different? Community Legal Services, Philadelphia Michael Bowen (Microsoft) Asian Pacific American Legal Center Ken Montenegro (Linux)
Making an OS Decision Hardware compatibility: Old hardware runs. Technical compatibility (skillz): Staff; Consultants (Consultant costs & Finding a consultant). Application support: Legal Applications; Management Tools Lacking. Existing infrastructure: Often not a problem.
Connecting LANs and Providing Remote Access What are you connecting? Remote users for application/documents/etc? Remote offices into one network? (WAN)
VPNs OpenVPN (http://openvpn.net): An open source SSL VPN solution which can accommodate a wide range of configurations, including remote access, site-to-site VPNs, WiFi security, and enterprise-scale remote access solutions with load balancing, failover, and fine-grained access-controls. At LSSCM we are experimenting with OpenVPN as a replacement for WebDrive remote access.
VPNs: Ken's PPTP for mobile users: What we use, Poptop (http://www.poptop.org/); On Legal Center issued notebooks; Users must sign a special VPN policy; Users never know their VPN password; Ideally, something like token based authentication... IPSec: Good for static IP locations
VPNs: Why They are Evil Quick Poll How many folks use VPNs currently for remote users? How many folks use VPNs currently for remote users located in an office within your program (as a WAN)? How many folks use SSL-VPNs currently? How many folks have a Terminal Server? Do you serve TS Apps to Inside Users? Do you serve TS Apps to External Users?
IP Sec v. SSL v. Remote Control 1. IPSec Remote Node Apps run local Need to be Installed Need to be Licensed Need to be Updated...regularly Is the Remote Node Secure? Is the A-V Up-to-Date?
SSL-VPN Hardware Requirements (Very low) Screen shots, kybd, mouse clicks Dial-up might be pushing it, but is not unheard of... Applications Remote Machine: Only a browser (...ok, maybe a small plug-in) All Applications run locally on the backend On better hardware Closer to the data Controlled/Maintained at a single source, not dispersed Terminal Server on the backend
SSL-VPN Security Configuration DMZ or Parallel to Firewall Costs
Other Remote Access LSSCM Remote Access Solution: WebDrive SSH access - Secure file transfer and document collaboration software using WebDAV, FTP or SFTP. At LSSCM this allows remote staff (home or community center laptop) to map their office document directory as a virtual drive; files are transferred by simply saving them to a drive letter. There's no need to run a separate FTP client interface. Unlike typical FTP clients, WebDrive lets you open and edit server-based files without the additional download step.
Trainers Plugs BackupPC (http://backuppc.sourceforge.net): BackupPC is an enterprise-grade system for backing up Linux and WinXX PCs and laptops to a server's disk. Very nice web-based admin interface. We use it at LSSCM to back up servers over HTTPS in 6 offices to a remote location. HostMonitor: Monitor your servers to make sure they're running, check to make sure a particular service is running, check for specific Events in the Event Log, check for low disk space, file changes (size/time), monitor your WAN or your internet connection. Amazing tool, reasonable cost, great support. (http://www.ks-soft.net/hostmon.eng/index.htm/)
Trainers Plugs KiwiSyslog: Not free, but very reasonable syslog server. (http://www.kiwisyslog.com/syslog-info.php/) Gillware Data Recovery: Very reasonably priced. Great service. (http://www.gillware.com/)