My Media Server Adventure

A long time ago in a newsletter far, far away I talked about media hubs and their being the future of home entertainment. I mentioned that I had plans of my own to implement media services and a media hub in my home. Well, I still haven’t convinced my wife to let me digitize our collection of DVDs and serve them to media hubs throughout the house. I have decided it is time to take matters into my own hands. I will have to just show her how awesome it is going to be. Some folks just need some show and tell to help them along, my wife being one of them.

So here is the plan. I have some hardware that I have collected that I am going to use to build the media server of my dreams! At least one I can use to demonstrate how awesome it would be to have something like this in our home. What I am going to do for you my avid readers is tell you in this issue about my plan. What hardware and software I will be using and what my ultimate goal will be. I will continue to keep you up-to-date on the B.I.T.S. blog where I post all the articles for this newsletter and I may even do a few YouTube videos as work progresses.

Let’s get started. First I need some software that will do what I need it to do. I have chosen Plex (http://elan.plexapp.com). Plex started as a community developed application for Xbox to allow the Xbox to be used as a media hub. Plex now has apps for most major mobile devices. It has apps for popular media hubs like Roku, and some TVs and DVD players are even coming with the app already installed. Plex has a media server that allows you to store, catalog, and index all of your digital media including music, films, home videos, and pictures. It has everything plus I can install it on a Windows computer just like I would any other program.

Hardware is going to be a bit different. I have some computers with a mishmash of parts laying around my home office. The goal here will be to pull together some working hardware that meets the minimum requirements for Plex Media Server which are Windows XP, 1.6ghz Intel Core 2 Duo processor, and 512mb of RAM. I will install the Plex app on my iPad and on my laptop to test and demonstrate streaming movies and accessing other media.

If my wife likes what she sees and I get my kids to tell her how much they love it too, I might just get the go ahead. If I get the go ahead, my upgrade will be simple. I intend to purchase a Netgear ReadyNAS to use as my media server. Plex already had an add-in to allow the media server to run on these fantastic storage devices. As a bonus, if I don’t fill it up with movies and pictures I can use the ReadyNAS to also backup my home computers and store other files on as well. None of my TV’s has the option for the Plex software to be installed, so I plan on purchasing Roku boxes for each of the TV’s in the house. I can also use the Roku for Netflix, Hulu, and many other internet based media streaming services, so it isn’t just a one-trick pony either. Wish me luck, and don’t forget to check the blog (http://jcbits/wordpress.com) over the next few weeks for updates on the progress of the project.

Exchange On-Site or in the Cloud

I am going to talk some more about email this month. As most of you have gathered, I am a big supporter of the Cloud and of Microsoft Office 365. Exchange Online is the part of Office 365 that handles all of the email related tasks, but what you may or may not know is that Microsoft also has a product called Exchange Server that runs on your local servers managing all of your email needs. Exchange Server has been around for a very long time and until recently was packaged with Windows Small Business Server or SBS as a way for small businesses to get enterprise email for a not-so-enterprise price. Exchange Server no longer comes bundled with the Microsoft server product targeted at small businesses called Server Essentials. This leaves many small and medium-sized businesses with the burning question of “What do we do next?”

SBS users who choose to stick with Server Essentials when they upgrade or who have chosen to move up to the full Windows server product have 2 options. Their first option is of course to switch to the cloud. Second is to purchase another server and run Exchange on-site. Each has their pros and cons.

Some pros to on-site Exchange are that it allows companies to maintain control over every aspect of the Exchange Server, from the software installation to the hardware it runs on. The company can install additional software on the server to integrate with 3rd party products easier. Updates and maintenance happen on the company’s schedule, not on Microsoft’s. Backups and disaster recovery and compliance are all still maintained by the company. Large files and large mailboxes can be very slow.

Many of the pros to on-site Exchange can also be considered cons. Any software or hardware problems that arise are the responsibility of the company. In order to ensure a secure stable Exchange environment, the company is responsible for testing and implementing updates, making sure backups are working, and assuring that recovery of those backups can be tested. The company must also staff or contract with people with the knowledge and skills to perform all of this management and maintenance not to mention setup, installation, and integration.

Hosted Exchange inside a service like Office 365 takes the entire burden of managing and maintaining the hardware and software off of the company and getting setup and started is quick and easy. These are 2 of the main pros of hosted Exchange with Office 365. Providing always-available-anywhere access requires no extra configuration.

The company does have to give up a lot of control for this level of convenience, which can certainly be marked in the con category. Many 3rd party integrations may not work with or support a hosted solution. Upgrades and updates to the system may come at a slower pace, and fixes for your company’s particular issue may not be a priority.

Making the decision between hosted and on-site Exchange is a business decision as much as it is an IT decision. Hopefully this article has given you a place to start when weighing the pros and cons of this decision for your company. As always, Jacobs & Company B.I.T.S. is willing and available to help you make the most informed decision possible for your business.

Store it in the Cloud

Cloud storage is nothing new. In fact, it has been around for so long that I keep waiting for something new to replace it, but nothing really ever will. The fact is storage is storage. It comes in different shapes and sizes, but it is still just a place to dump your stuff. There is no bigger place to dump your stuff than on the Internet. The first question I always hear is, “Is it safe?” That’s a pretty loaded question, and in some cases it might be safer than keeping the info on your local PC. Just like with any technology, it is the user’s responsibility to do some due diligence research to determine their level of comfort with online storage. For me, I am pretty comfortable with the idea. I imagine very little risk, but I also don’t put any financial info out on any of my online storage either.

Let’s talk about a few online storage providers. Microsoft SkyDrive is rapidly becoming my favorite place to store stuff. With 7GB of storage free at signup plus you can purchase up to an additional 100GB for $50/year, I think that’s a pretty good deal. Plus, you get some cool basic web apps that let you view and edit Office documents like Word and Excel. A free app lets you automatically sync folders between your computer and your SkyDrive — kind of like a backup. Additionally, you can share folders and files with anyone you want free over the internet encrypted using SSL certificates. Competing almost feature for feature is the Google Drive. The biggest difference I can see here is the amount of storage and pricing. Google starts you off with 15GB of storage, but adding storage is a bit more expensive. For 100GB you will pay almost $60/year, but they have plans that allow you to store lots more going up as high as 16TB — that’s 160 times the largest plan Microsoft has and it only costs $799/month. While most of us won’t need that much storage, it’s nice to know it’s there. Amazon also deserves to be mentioned among these 2 giants of technology. Amazon provides 5 free GB with pricing more in line with what Microsoft has advertised. Amazon’s largest package is nearly 1TB for $500. While not quite on the same playing field as the 3 providers I have already mentioned, DropBox is a very popular storage service that lets you buy storage starting at 100GB for about $100/year. DropBox’s popularity is probably due in part to its very interesting free program that starts you off with 2GB, but allows you to earn up to 18GB of storage by referring friends and installing their app on your PC and mobile devices, not to mention it has always been very easy to use.

All of these services have a few things in common. They all allow you to store files on their servers on the internet, making it possible to access and share these files anywhere in the world. They take care of maintaining their data centers and backing up all the data on their servers, making sure that you have the always-available, uninterrupted access to your files that you want. All of these services provide a way to sync folders on your computer automatically, with the service giving you an almost continuous backup of those files and allowing you to access them even when you are offline. Apps for mobile devices are also available for all of these services that allow you to access and sync media between your mobile devices and the online storage. These services are great for storage, backup, and sharing and enabling collaboration. A few of them even enable productivity right in the cloud, by allowing you to view and edit files right in the web browser. If you aren’t using one of these services, my question to you is, “Why not?” If you are concerned about privacy, check out the privacy statement for each provider and see whose policy you are most comfortable. If security is a concern, search Google for news about security breaches and look at their web sites. Many of them are very proud of their security measures and either have information published on their site about the security level of their service or are happy to tell you about it if you ask. In general though, the weakest link on the security of your data stored in the cloud will be your password. Use a strong password, and you should be in good shape. Now go out there and start storing it in the cloud.

Certified Secure

Last month I wrote about securing email using certificates. You can however do all sorts of other things with certificates, so I thought I would share with you a few of those things. Before I start though I want you to think of a digital certificate not as some weird tech “thingy,” but imagine it is more like the seal a king or noble would stamp onto a letter to sign it or use to identify himself. Like a stamp of your signature, an individual can get a certificate to use from a certificate authority like Verisign once they complete the verification process.

Once you have a certificate, you can use it for lots of things. The first is to be able to sign a document. A PDF requiring a signature can be signed using a digital signature. The public portion of the certificate will be attached to the document. What makes this secure is that you own the certificate and never share the private part of the certificate with anyone else. Along the same idea is that once a document is stamped, it can’t be changed without the document itself showing it is no longer secure, because something changed to invalidate the document since it was stamped with your certificate.

Signing and securing documents isn’t the only thing for which a personal certificate is good. A personal certificate can also be used to identify you. This identification — like a key card at a hotel — can be used to give you access to your computer or resources. The certificate can be used to log you into certain websites securely without ever typing a password. These certificates can be stored securely on the certificate store on your computer or can be loaded onto a flash drive and taken with you. Just don’t lose your flash drive, because that would be like having your wallet stolen or lost and be a potential breach of whatever you are securing with that certificate.

Certificates can be installed on servers and on websites to make sure that any data sent to or from the server is safe and encrypted. When you go to Amazon you may notice that when you check out there is a lock on the address bar or the address bar turns green. This is a visual clue that the server is using a certificate, that the certificate is valid, the server is who it says it is, and that anything sent between your browser and the server is encrypted.

Certificates don’t have to come from big certificate authorities. Chances are you already have everything you need to set up an internal certificate authority right on your windows server. A company can set up internal or internet facing certificate servers and use the certificates generated there for employees, partners, and clients to identify users, secure traffic, and enable internal digital signature and approval processes.

Certificates are versatile and useful in the real world and can be used to make everything you do more secure. Certificates are generally thought of as difficult, confusing, and intimidating…they shouldn’t be. With a little planning and a little help from the right technical person, making use of certificates can be a simple and straight-forward process.

Wireless Displays

Wireless Display technology has been around for a few years, but it had a prominent showing this past spring at CES as several hardware manufactures released devices built on Intel’s new wireless screen sharing technology. Most recently, Google released a small device that is similar in function to media hubs that we discussed in a past article; however, this little device included a beta service that allows you to stream content wirelessly from any device as long as the content is running in a Chrome browser. While the service is low quality and limited to only content that can be played within a Chrome browser tab, it signals the hat of yet another technology giant being thrown into the ring. Apple is, in my opinion, ahead of the curve though still locking its users into the Apple only Ecosystem. The latest version of OS X includes the ability to use an HD TV or other display connected to an Apple TV as another fully functional monitor wirelessly.

Intel’s Wireless Display or WiDi technology is not much different from what Apple provides, though it does allow for more choices when choosing devices for running your wireless display. Hardware manufacturers like Netgear have developed set top media hubs that support the Intel WiDi technology, and Intel has even signed deals with several TV makers who now have sets that are being shipped with the technology built right in. On the computer side of the equation, Intel has 3 requirements to take advantage of WiDi. First is an Intel Core i3, i5, or i7 processor 2nd generation or newer. Second is an Intel video card that supports WiDi. Finally, a network card that has been certified to work with WiDi is also required. Right now, only a few network cards that are not Intel brand cards are available that support WiDi. Visit this site (http://www.intel.com/support/wireless/wtech/iwd/sb/CS-031059.htm) to see a full list of hardware capable of running Intel WiDi.

With Google jumping in the ring with Intel and Apple, alongside other smaller competitors in the space, I expect to see some rapid innovation in this technology over the next year or 2. What will really make this a must-have technology for everyone will be, like most other technologies, simplification. Whoever can make this technology work with the least amount of effort and additional hardware will jump out ahead of the rest of the pack. I am really looking forward to this technology taking hold mainstream and hoping wireless display becomes a standard feature for desktops, laptops, and tablets alike.

Email Security

Recently, I have been asked a lot of questions about email and email security. The simple answer to the question, “Should you be sending sensitive documents to other people via email” is no, email is not secure. It’s true that email is not secure; however, there are steps one can take to make it more secure. Before we go any further, I want to say that I believe that in most cases using a secure document sharing platform is a much better solution for securing attachments and data that may need to be shared with clients. If you must send data via email then read the rest of the article to find out what needs to happen before your email can be secured.

Securing an email requires that it be encrypted before it is sent then decrypted on the machine it will be opened on. To do this, you need a certificate with which to sign and encrypt email messages. Companies like Thawte and Comodo have SSL certificate products both free and for a small fee that will allow users to encrypt email from their email client, Outlook for example. Purchasing a certificate is different for each vendor, but in general you create an account when you purchase the certificate, log in, and download the certificate file. Once you have the certificate file, find it on your computer and double click it. A certificate import wizard will launch. Follow the instructions. Depending on the certificate, there may be specific steps you need to follow that will be provided to you by the vendor you purchased your certificate from. When finished importing the certificate into Windows, you will be able to import the certificate into Outlook. Open Outlook and click File, then Options, and Trust Center. Click the Trust Center Settings button then click E-mail Security. Select Add Digital Signature to Outgoing Messages. This will add the public portion of your signature to every email you send out so the recipient can add it to their contact info. The recipient need this signature to decrypt encrypted messages you send to them in the future. Next select Send clear text signed messages when sending signed messages This allows the recipients to read signed messages so they can import your certificate. DO NOT select Encrypt contents and attachments for outgoing messages. This will encrypt everything you send out which may cause issues for your recipients for whom you may not have a certificate for. Next click Settings and click choose next to Signing Certificate. Select your certificate from the list and click OK. Select the hash algorithm which will be SHA1. Now click Choose next to Encryption Certificate and select your certificate from the list and click OK. Choose the Encryption Algorithm, 3DES or AES 256-BIT. You should now be able to send signed email messages and receive encrypted messages from people with your public certificate. For you to send an encrypted message, your recipient will have to set up a certificate for themself and send you a message signed with their public certificate. You can save their contact info by right clicking their email address. This will save their certificate as well so that you can send them encrypted messages in the future.

As you can see, securing email is no trivial task to set up and it requires setup by both parties in order to encrypt messages both ways. Once it is set up however, all you need to do is tell Outlook to encrypt the message you are sending and Outlook takes care of the rest. I would also recommend that any attachments with sensitive information be password protected and encrypted before they are attached to an email and sent to add another layer of protection if possible. I still stand by the recommendation that a secure document sharing site is a better solution to sharing sensitive data with parties outside your business and recommend that no email be sent containing any personal or sensitive information written its text.

Microsoft Azure IaaS

IaaS stands for Infrastructure as a Service, which is a fancy way of saying your servers are being stored and run by some host off-site. Microsoft has been running full steam ahead into the cloud and shows no signs of stopping. Azure is a platform Microsoft is building a set of hosted services on similar to the Amazon Web Services that run in Microsoft datacenters, which are some of the top datacenters in the world. Azure includes web site hosting, Virtual Machine hosting, SQL Server database hosting, Virtual Networks and VPN, and the new Windows Azure Active Directory. All of these services are accessible 24/7 from the internet and backed up and maintained by engineers at Microsoft’s data centers.

Azure services integrate with on-site Active Directory databases in order to allow administrators to manage services and access in one place. The new Azure Active Directory is not a replacement for having a server for log in in your office. It is designed so that applications and services built within the Azure infrastructure as well as other 3rd party cloud services can authenticate users with a single-sign-on that is integrated with users Windows logon. Azure can be used to build or install enterprise applications to the cloud so users can access business data and services from anywhere, while reducing the overall cost in support and maintenance over having it all onsite. Azure can be used to backup virtual machines and run them in the event of a disaster. Azure can be used to store backup files off-site and restore from those backups. Virtual machines can be spun up in a matter of minutes and backups restored to these virtual machines in the event of a disaster. Azure allows companies to create secure virtual networks for applications and connect them to their onsite networks via VPN. SQL databases can be created directly on the Azure platform and accessed via an application built on Azure services.

All of these services are considered infrastructure because solutions can be built on them. This technology is great and opens up doors to some fantastic cost savings and innovation; however, if you are thinking of moving your entire network out to Microsoft’s cloud we just aren’t there yet. Today, most of what Azure does is geared towards developers; however, as more of the pieces fall into place products built using Azure services will be available to just drop in to fill the needs of businesses with minimal IT required. The IaaS over the Internet, Azure in particular, is not quite ready for businesses to move in fulltime yet, but based on what I have been reading and what vendors like Microsoft, Apple, and Cisco are saying the move is right around the corner…so get ready.

Windows Server Essentials 2012

Small Business Server, one of the “best deals going” for small businesses needing enterprise server services on a small business budget was discontinued after the 2011 version was released, but only in name. Windows Server Essentials 2012 has however taken up the banner for small businesses and looks to be a great replacement. Essentials 2012 is missing a few options that used to be major parts of the SBS package. First, is that there is no built in Exchange Server. From my point of view, this is a good thing. Taking care of Exchange can be a daunting task, and when Exchange isn’t working neither is the small business it serves. In Essentials, Microsoft has opted for the ability to integrate Active Directory (the database used to manage users on the network) with Office 365, allowing companies to manage users of both Exchange for Office 365 and network users from within Active Directory. Another option that is no longer available is the Advanced server option, which has included a license for SQL server or SQL Express. Since SQL Express is free and adding an extra server for Applications that use SQL is no more of a chore than adding a client computer, the only real loss here is the small discount Microsoft gave on the Windows Server Standard License.

This past month I migrated an office to Windows Server Essentials 2012. When the server booted, I was presented with a Windows 8 like Start screen. My first response was to just shake my head and wonder why. After some time getting used to the interface, I found that all the tools that I needed to continue with the setup and migration and thought no more about the new Metro interface being added. Getting around was no more difficult than it was in SBS 2003, once I got used to it.

Once I began setting things up, I discovered that the Wizards and Dashboards are the best yet for getting a quick clean installation up and running. The Server dashboard walks you through all of the initial configuration in a very clear and simple yet informative way. Many of the services were tested and verified to be working by wizard as part of the setup for the service being configured in that step of the process. The Dashboard also gives you access to tools to manage user, computers, automatic client computer backups, storage, and file shares. For more advanced configuration and monitoring, the Windows Server 2012 Server Manager is included giving administrators quick access to a dashboard that shows information about the health of services running on the server. From here, familiar tools to manage Active Directory and other services are just a click away. Again, it took some getting used to navigating each of these layers, but Essentials isn’t designed for IT admins like me — it is designed for small businesses with little or no IT support to be able to get a server up and running easily. With that in mind, Essentials delivers on that goal. It just works, and just about anyone could set one up.

Essentials delivers on everything a small business needs to get started with a first server or as a replacement for old Small Business Servers needing to be replaced. It sets up quickly and provides a minimal touch experience for getting a network set up with all the tools it needs to support users working both in the office and out. I give it 2 thumbs up even with the Metro interface, because like I said before it’s still just Windows – just like Windows 8.