Replacing Sophos and Office 365 in my tennis club

probably not the right thread to go into the details. So feel free to move into another section.

I run NHS in bridge mode with red, blue and green at home for private use in a VM as HyperV core 2016 guest and replaced Sophos UTM (which is great but just a firewall not more). My best decision was to move from NHS on bare metal to NHS as a guest in a Typ 1 Hypervisor. The host is a HP DL380 Gen8 with p420 HW Raid 10 battery cached (with a bit unusual but very efficient WD Red 1TB 2.5 instead of SAS drives) which will be replaced by a Gen9 soon. For the interfaces I use VLAN in the HyperV virtual switch over a Unifi POE switch and Unifi Access Points. As a back-up I built from used components a Broadwell Supermicro Server with an NVME boot drive (including the VM’s vhdx files) and for the data spining rust with MS storage spaces also HyperV core 2016.

As a board member of a non-profit tennis club I look for a replacement of a Microsoft Cloud Service with Office 365 which we could use until early 2018 as a non profit organization for free. To complex to much functions and suddenly disappeared. In addition we need to comply with the new data privacy rules which created a lot of trouble / work for us in 2018. We decided to bring all our data back home and now we are testing potential solutions. Nextcloud on NHS is currently our favorite solution but I need to solve the LDAP issue described above and further dig into the licensing rules. Currently this runs (dirty) in another VM on my server. If this goes into production then we are most probaly will use a used HP Microserver Gen8 (I love this little cube).

In case you are curious what else I have in mind for NHS. A friend of mine is the owner of an optician store and we are thinking to replace openmediavault 4 bare metal on HP MS Gen8 with NHS in bridge mode also bare metal. Here I need to solve the slow smb access on the green interface in case Suricata is enabled. Need to learn how to configure Suricata more granular. Security is always a trade-off and in this case I prefer higher SMB speed and Suricata on red and blue only. I also need to read more detailed the license for NHS to understand if NHS can be used for free in this environment too. May be this could become a tick box in the IPS configuration screen (Enable IPS / Suricata on red, orange, blue or green). Others in this forum seem to have the same requirement.

Happy to share more info on my set-ups if needed.


P.S.: I tested clearos before I found NHS. I prefer NHS.

Sounds great :slight_smile:

It looks like a smart move and you share an interesting scenario.
Thanks for reporting your testimonial