Issue link: http://read.uberflip.com/i/1037
the quarterly magazine of ILTA 49 Peer to Peer The VPS is controlled using a Web page console that has reset and power buttons, for monitoring and maintaining, turn-key applications, statistics and logging, security, hardware configuration, and other functions. Depending on the providers and plans, there are usually areas for helpdesk functions, disaster recovery and restorations, accounting and other features. A Case for VPS About a year ago, we identified three services at Lukins & Annis that we thought were well-suited to run at a remote location on a single basic VPS server. Each of these services was non- interactive (hint: could run on a slow server and no one would notice), did not require extraordinary access to the firm LAN, and would provide additional benefit or advantage because of the remote location of the server. These applications included the e-mail gateway, server monitoring solution, and a remote assistance broker. Today these services all run on one Linux- based server for about $15 a month. Remotely locating these services enabled us to achieve specific goals for each: E-Mail security Gateway • Goal: to preserve our internet bandwidth and increase security with the ability to scan and block unnecessary traffic and sessions from reaching the firm internet connection. We purchased a basic Linux VPS plan with 192M memory and a 6GB hard disk, and installed the MailScanner package on the CentOS distribution VPS server. MailScanner integrates the SMTP e-mail gateway, a virus scanner and spam scanner into a single reliable security package. The system was configured to ensure e-mail security by accepting and scanning all inbound e-mail messages for viruses and spam, and to then prevent undesirable e-mail messages from reaching our local Internet connection or internal e-mail server. The cutover was accomplished by changing our primary DNS mail exchange (MX) record to point to the new VPS mail server. This configuration has worked well over the last year, and we have recognized a substantial decrease in data usage over our relatively small T1 Internet connection. The system requires minimal maintenance and provides many of the same features and benefits as other commercial outsourced e-mail gateways. server Monitoring service • Goal: to be able to easily monitor our internet connection and public-facing services such as the firm website. For the past five years our firm has run an internal Nagios monitoring service, but we lacked the ability to monitor critical public-facing services from the Internet. With the availability of the new external VPS, we were able to install the simple open source Hobbit monitoring package on the server along with Hobbit clients on the systems we wanted to monitor. Each Hobbit client behind the firm's firewall makes outbound connections to the VPS Hobbit server via an SSL/HTTP connection and, as such, does not require any special firewall rules for the purpose of monitoring internal services and servers. The Hobbit server manages the clients based on the configured rule sets and generates SMS alerts in the event that a critical service goes down. This configuration has saved us the expense of contracting with a third-party monitoring service. The Hobbit server provides a simple Web-based interface for status and updating alerts. Remote control broker for helpdesk • Goal: to extend remote control to mobile users via a remote control session broker. For many years we used VNC for remote control and internal assistance on the LAN, but it was difficult to extend this capability securely to mobile users outside the firewall. To address this, we purchased a branded version of the ShowMyPC software, which was compiled by the vendor to use as a session broker on the VPS. This only required a no-login SSH account to be created on the VPS for the purposes of building and connecting the remote control sessions. Users can launch a "help request" application from the firm website which creates a secure channel for the help desk to remotely control their computers. We have avoided the considerable monthly expenses typical for commercial remote control session brokers by using the branded ShowMyPC applications. This has worked very well for us. Future Applications for VPS There are many other applications which are well-suited for a VPS like the firm public website, a "drop-box" (used for sending large files not supported by SMTP), a honey pot system, disaster recovery and backups. At Lukins & Annis, as hard servers are retired, or new ones contemplated, we are evaluating each application and service for its adaptability to a VPS or cloud. In the current economic climate, saving money and increasing benefits is simply smart business. ILTA A Vir tual Sigh of Relief David nevala is the director of it at lukins & annis, P.s., a 40-attorney firm headquartered in spokane, Washington. Dave has served lawnet and ilta as open source PGvP, served on the ilta conference committee, is a frequent contributor to Peer to Peer and various ilta whitepapers, has been a frequent speaker at various conferences and webinars, and has led ilta projects like the popular acrophobia PDf printer, the vegan e-mail security gateway and others. he can be reached at dnevala@lukins.com.