Sharing good Nethserver installation combinations SME with explainations


(Kristian Malvander) #1

I would like to start a thread were we could discuss Nethserver design layouts for SME or more advanced home users. The all in one server solution is good but not very convenient for SME’s in my opinion.

I’m very interested in productive running Nethserver installations were we could discuss setup combination and learn from each other? Good discussion points would be roundcube vs SoGo (In what scenarios are those used (mobile, PC)) or Owncloud vs Samba shares (Should both be used in 2 different scenarios (tasks, contact, files etc) or combined) and how can those be configured with Nethserver.

I’m working on a base test layout were I want to have a GW running on PFsense (Very good secure and scalable FW/GW were information from different services is reused for easy configuration via the webconsole and this i a must if you made changes in the FW on a daily basis) on a virtualization platform from ProxMox (Very stable KVM virtualization platform and it supports management server, backup and HA out of the box).

When it comes to Nethserver I’m still testing several combinations from having one centralized LDAP server and several decentralized Nethserver installations for Samba (Not easy) and Mail mainly for security reasons, scalability and to keep each server as simple as possible. How can a Nethserver GW installation be competitive with Pfsense (Maybe with a combination of a proxy were firewall settings are static)? I’m still to new to know how stable Nethserver is if you use an all in one installation and how often installation break during upgrade. I’m also still learning the config db settings of Nethserver which are pretty new to me.

Can Owncloud replace Samba shares completely? Why owncloud
Should roundcube with owncloud be your number one choice or a combination with SoGo? Roundcube gears upp Roundcube next version on Indiegogo

Scenario: How does a normal user look like in a SME company? I share and example of my view ** but how does your look SME user look like**?:

  • Mobile device with need of secure and encryptet mail, contact, tasks and calender sync
  • Laptop roadrunner needs to have secure access via VPN to mail, contacts, tasks and files and offline access without VPN.
  • Secure way to chat and use videoconferencing on the road and in the office.

Biggest challenge is to use as few components as possible to achieve the scenario described to keep the installation as simple and secure as possible.


Nethserver Firewall
(Stefan) #2

I have to say I can’t contribute something to the topic (I am a newbie) but I would like to read about the different ideas and pro and con. I hope other will discuss this topics.
Great idea :thumbsup:


(Alessio Fattorini) #3

Interesting discussion but I think there are too many points to be addressed :smile:

Those are good discussions in that direction:


Pretty stable since there are almost 1300 installations in production :smile:

Why not have a comparison as I suggested here? I don’t know Pfsense pretty well, we can work on it.

Again, too many comparisons, they deserve different discussions. What do you think? Please use “reply as linked topic” on the right.


(Kristian Malvander) #4

@alefattorini That’s the hole point and there shouldn’t’ be anything to address to be honest only sharing & discussion different solutions and to share experiences with cons and pros :wink: . But lets just leave it for now.


#5

I’m not a fan of an all in one from the standpoint of a gateway/server combo, that’s just a horrible single point of failure and in this day and age of virtualization why have a security update trash a bare metal install of everything, it’s just not reasonable.

I just put a ubuntu vm host into a clients home running two vm’s for sophos and oC/Plex/afp server. Logical is Wan - modem - sophos - ap - server.
With this is one energy efficient piece of hardware with redundancy and snapshots that’ll take 2 hours instead of days to rebuild even if a lightning strike hit the hardware directly.

The other kicker is I can drop a sophos or untangle with effective filtering into a network within 1 to 2 hours, I honestly can’t figure out how long it would take to setup a comparable nethserver for those kind of gateway duties, but I’m guessing… quite a while.


Network configuration - howto define interface connected with another LAN
(Gabriel GHEORGHIU) #6

Hi guys,

I love this Forum! I like you guys!
I think is the best Forum that I know!
So many different ideas to one goal: to make a good product for all (I feel like my office)!

Can I propose you some ideas to be discussed (I’m close to Scenario 3)?

Thank you!

Gabriel


(Alejandro Guerra) #7

hi @malvank Good morning, I would like to know the outcome of the tests and what would be your recommendation for installation on a server (or pfsense Proxmox and NS) and wordpress and email?