Archive for March, 2013



​This seems to be the plaguing discussion among many companies today. My opinion?, there is no wrong answer, however there is alot to consider before signing up for services. I wanted to take a little bit of time to expose some of the questions you should answer before deciding to go with a hosted solution. Deciding who will handle your business critical infrastructure can be a very stressful decision to make. Many hosting companies out there will go the extra mile to sell themselves to you . But if you dont know what to ask and what to look for, you may end up locked into a contract you will be very unhappy with. There are alot of business owners out there who have a difficult time with there desktop, let alone deciding what you need for business critical applications in your company. I hope this post will be able to help all of you decide what direction to head without having to deal with sales pressure. Cause if you are like me, i have no patience for sales pressure. So lets dive in.

Some questions you should answer before starting to look for a hosted solution.

What is your application exposure?.

Is your customer base international or national?. Obviously web applications have international exposure inherently. However if you know that you have a large consumer or customer base in other countries that put alot of demand on your applications then you may need to consider more strict uptime requirements. If your application is primarily national or maybe just an internal use only, then you will have a bit more flexibility.

Unfortunately you need to consider that the more 9’s you have in your uptime, the more money you will need to be willing to spend to ensure you are able to maintain it. For many businesses, it is acceptable to have outages at any given time. Now obviously we all dont’ want to have our services to be going down frequently throughout the day, but for some it is not a big deal if your servers need a good reboot during the middle of the day.

What is your uptime requirements?. 

​This question ties into our first question and is very important to be able to answer. If your core business depends on your applications you have on the internet, then you need to look at this very closely but be realistic. Most people on the internet when they go to a web page will refresh their webpage if they get an error. so it is unrealistic to expect that 1 your servers will never go down and 2 that you can maintain 99.999% uptime with very little upfront cost. so to answer this question it would be best probably to be able to answer this. How much of your business would be impacted if your sites went down 5 minutes? then how much for 10 minutes, 15 and so on. The more time you are willing to accept. the cheaper the cost will be to maintain and keep your systems up.

why does keeping servers up cost so much?. Because you need to be able to deal with the fact that eventually your servers will go down. When they do you will need to restore backups possibly to get your data back or you will need to have another server running that is ready to take over when it goes down. if your acceptable loss of data is 5 minutes and your down time can be nore more then 3 minutes, then you will need to be making incremental backups every 5 minutes and you will also need to deploy a load balancer that will be ready to send traffic to another server if one goes down. The more data you have, the more it will cost to backup every 5 minutes. depending on the amount of data you may need to look at an enterprise type backup and restore solution to ensure you will be able to get your data back within the alotted time.

This only covers if you loose a single server. So there are many other disaster scenarios you may need to consider in this whole picture. I would suggest trying to make a list of all the possibilities you can think of, then write out how you may protect yourself against it.

Now i know this already seems to be an obvious choice to go with a hosted solution. Don’t forget though, even hosting companies have major outages that you will need to make a plan for. Look up amazon and see what kind of outages they have had. Now i am not saying they are bad, because i think they are very exceptional with there service but they like any hosting company suffer from outages. Everyone does.

How much data do you have?.

Plain and simple, the more data you have whether it is hosted or not, the more it costs to store it. We all have a fear of getting rid of data so we inherently keep everything. This is not only dangerous but expensive. Consider moving data that you don’t need right away to a tape backup or a large NAS drive that has cheap slow drives in it.

Remember it doesn’t just cost to keep data on your servers, but it also costs to back it up. Depending on how often you need to backup, you may eat up alot of space and money before you know it.

Do you have any legal or SLA requirements for backing up your data?.

Some businesses through litigation or merely through what they guarantee in their contracts need to maintain a rather large library of data. Being able to restore a file back to any point in time may be critical for you, but it costs. If you are willing to accept a file but may be from the previous day or week, then you will definitely save some money there. This may mean that you loose a little bit of data in the file but at least not all of it is lost.

what applications do you need to run?.

Some web applications are more intensive then others. Namely your databases are. These are applications that store all your dynamic data on your web page, and can require alot of CPU and memory. In hosted environments, this can get costly when considering your options.

do you need to adhere to PCI DSS, SOX, HIPAA, GLBA, FISMA compliance?.

Many hosting companies these days adhere to many of the compliance standards out there, but depending on what compliance you need to adhere to will depend on where or if you are able to use a hosting company. If you you are able to, then consider the fact that the more strict the compliance standard is the more it will cost to host your data. This is all due to the amount of security measures that need to be in place, the amount of backups provided to recover this data, and even the encryption of sesitive data that is stored.

Virtualization?

This is my favorite section, because virtualization is an awesome technology. It allows you to get more out of the hardware you own. By deploying multiple servers on one physical box, you can save yourself thousands of dollars. Now virtualization has a heavy up front cost but defintley has a high ROI. It also allows you to deal easier with disaster recovery plans, uses less power then equivalent number of servers and takes less man power to maintain the hardware. This all in turn saves money.

 

If you are able to answer the majority of these questions, then i think you should be well prepared to start conversations with hosting solutions. All hosting companies should be able to give you a cost associated with each of these questions. Most of all what you should take away from this is an old saying “Dont put all your eggs in one basket”. If you need to ensure your sites are not down for extended periods of time, consider a hybrid approach where you purchase your primary equipment to run your day to day applications and servers. Then utilize a hosting company to act as your disaster recovery site. If you want to just strictly use hosting companies to host your solution, maybe because the initial cost of purchasing your own is to much or finding the right person to support it is to daunting. Consider looking at multiple hosting providers that utilize different ISP’s incase there is ever an issue with a particular ISP. Using different hosting providers, solves some of the major news worthy outages that have plagued some of the larger hosting providers. By having redundancy in all your systems helps to ensure you that your systems will be up and ready in the event of disaster or even minor outages.

You can’t plan for everything that may happen, but the more you plan for the better you will protect yourself and your company. Hosting companies will be there to sell you what you have, hopefully this prepares you a little to know what to ask them and how they may respond. Hosting companies need there maintenance windows to upgrade or troubleshoot their hardware, be aware of these clauses and ask al about what they do in the event that they need to take down major equipmet to replace. Most of all, get it in writting.

I hope there is someone out there that this reaches and helps. I know this can be a touqh discussion to have and even think about. So dropme a comment or email and ask as much as you would like. We are here to help anyone we can as well as provide services.

Advertisements

Recently I was adding the OSSEC agent to a windows 2008 r2 machine and ran into a issue where the the agent was failing to start saying [check config!]. Well I had never changed the config so there should not be anything wrong with it. After some searching I found a post suggesting to go to regedit and modify HKLM\system\currentcontrolset\services\OssecSrv ImagePath – c:\program files (x86)\ossec-agent\ossec-agent.exe. Add quotes around “c:\program files (x86)\ossec-agent\ossec-agent.exe” and restart. After restarting I still had no luck. Then it came to me.

I went into regedit again and realized before I got to the regedit screen, I was interupted by the User Acess Control prompting me to lower my settings, or to run regedit as an administrator. Well if the agent is attempting to start, but being interupted by UAC, then this would surely prevent it from reading the config correctly. so here is what I did.

Go to Start >> Run type msconfig into the text field. When the MSConfig utility shows up, click on the “Tools” tab. In the list you should see “Change UAC Setting”. Click on it and select the “Launch” button below. This will give you the UAC windows where you can lower the bar to never notify. After that is done, go ahead and restart. Once restarted, check your OSSEC agent and it should be running!.​


 Hello all it has been a while since I posted anything. It is sometimes hard for me to come up with subjects to talk about, but alas! i have found some information that may be useful. In my quest for new gadgets and electronics, i have recently purchased a Raspberry PI. One thing that i purchased along with it was an Edimax Wireless adapter. Now connecting to a network using WIFI in linux is not as simple as a wired connection. Once plugging in the adapter, you should ensure that your drivers are up to date for your wireless card. This can affect how you are able to connect to your wireless network.

      Now not everyone keeps there home network wide open without security. If you do, please reconsider changing your router settings to use WEP / TKIP for securing your network. Once you are setup with your router with the security strength you desire. open a terminal session to your Linux server and type 

     $ iwlist wlan0 scan

This will scan for wireless networks using your wirless card. If you are unsure of the name of your wireless card you can type:

     $ ifconfig

This should output a list of your adapters including wired connections, and output their current connection state. Once you have received your available wireless networks you can now connect to your wireless network using the SSID that you get from iwlist output and the PSK or pre-shared key that you get from your wireless network router. If you are using a Debian flavor of Linux, you can edit your /etc/network/interfaces file and add the following settings​

​   auto wlan0

  iface wlan0 inet dhcp

  wpa-ssid “NAME OF YOUR WIFI”

  wpa-psk “YOUR PSK”​​

  #wpa-proto WPA — optional setting if needed your can uncomment this

  #wpa-pairwise TKIP — optional setting if needed your can uncomment this

  #wpa-group TKIP — optional setting if needed your can uncomment this

  #wpa-key-mgmt WPA-PSK — optional setting if needed your can uncomment this

The commented lines can be used to set the protocol for which your linux box will connect to your wireless network. In short this would be the settings of the type of encryption used to connect to your wireless network. I have found though that the first 4 lines are the basic essentials needed to connect to your wireless network, and work the majority of the time.

I hope this post helps you with setting up your wireless card. If you have questions or comments, feel free to let me know. Also feel free to check out my new blog at 

http://www.mjd-design.net/blog

%d bloggers like this: