Small server for business vs. NAS

[foxp3]

Hi folks of linustechtips,

my Dad runs a small company and right now we pay for some external server space where we have owncloud installed for our central file management. At the end of this year we have to find our own solution and since I'm the one in the family how "knows computer stuff" I have been thinking and reading articels on the web the last couple of days how to solve our problem and be as cost-efficient as possible.

All our system has to do is hosting files and be accessible from the web. We have 3 desktop PCs in our office, some Laptops and other mobile devices.

 

So far I can think of 4 major solutions.

1) Install owncloud on our own 50gb (yup, thats enough for us) webspace. Our domain provider gave us 50gb of webspace when we signed the contract. So I could just install owncloud and have the same system as we have right now.

Problem: The synchronization is (to be honest) not the best and we sometimes get conflict-files. We use it because it's for free but it also lacks some proper user management tools.

2) Buy a NAS (Synology) and configure a VPN tunnel. Better but not the best user management tools.

3) Buy a small desktop PC and buy Windows Server 2016 Essentials. The biggest advantage with Windows Server would be the user management obviously. Why would user management be important for a 5-person-company? Because I wanted to install KeePass and restrict reading/editing rights. I also want some of the folders not to be visible for other persons because they could extract the database-file or alter the xml-configuration to mess with our passwords. As far as I understood it, only proper Windows user management can help with this. In short - I want people to run the .exe-files on the server and not be able to mess with the rest of the programme.

4) Buy a small desktop PC, install Windows 7 and just create a home group and be corrected by you guys, that I can hide folders and restrict access with this method too. Although the possibility to log onto the server from any computer via this active directory thingy would be really cool.

 

I would love to get some constructive tips. I'm really new to the topic of networking and I just want to keep the costs low but have maximum flexibility with a managable complexity of the whole system so that I can administrate it (and I am far from being an expert).

Thank you and have a nice day!!

 

[bgibbz]

You can just get old/ cheap hardware and setup a freeNAS.  FreeNAS has a plugin for own cloud, and also supports SMB sharing to share with all of the pcs on the network. 

Edited January 19, 2017 by bgibbz

[TheGlenlivet]

Had this same issue with the company I work for.  After going back and forth on the costs and pro/cons we decided to keep it hosted by a third party in a remote location for security reasons.

If the data you have is critical and the company would have major issues without it, then you might want to consider this as well.

Bottom line, we couldn't physically secure the data from theft/fire/computer crash etc ourselves with a reasonable degree of certainty, so we pay someone else to do it.

 

[beanhubbleday]

Buy a decent PC or entry-level server and fire Win 2012/2016 onto it

[NTDaws]

This is what I did

 

PCPartPicker part list: https://pcpartpicker.com/list/VvHf2R
Price breakdown by merchant: https://pcpartpicker.com/list/VvHf2R/by_merchant/

CPU: Intel Pentium G4560 3.5GHz Dual-Core Processor  ($75.00 @ B&H) 
Motherboard: ASRock B250M-HDV Micro ATX LGA1151 Motherboard  ($71.98 @ Newegg) 
Memory: Corsair 8GB (1 x 8GB) DDR4-2133 Memory  ($44.38 @ Newegg Marketplace) 
Storage: Kingston SSDNow V300 Series 120GB 2.5" Solid State Drive  ($47.49 @ Amazon) 
Storage: Western Digital Caviar Blue 1TB 3.5" 7200RPM Internal Hard Drive  ($49.66 @ OutletPC) 
Storage: Western Digital Caviar Blue 1TB 3.5" 7200RPM Internal Hard Drive  ($49.66 @ OutletPC) 
Storage: Western Digital Caviar Blue 1TB 3.5" 7200RPM Internal Hard Drive  ($49.66 @ OutletPC) 
Storage: Western Digital Caviar Blue 1TB 3.5" 7200RPM Internal Hard Drive  ($49.66 @ OutletPC) 
Case: Corsair 200R ATX Mid Tower Case  ($59.99 @ Newegg) 
Power Supply: EVGA SuperNOVA G2 550W 80+ Gold Certified Fully-Modular ATX Power Supply  ($78.89 @ OutletPC) 
Other: SilverStone Technology RL-FS305B Front Bay Hot-Swapable Hard Drive Enclosure  ($120.13 @ Amazon) 
Other: StarTech.com 4 Port PCI Express SATA III 6Gbps RAID Controller Card PCIe SATA 3 Controller Adapter 
Total: $696.50
Prices include shipping, taxes, and discounts when available
Generated by PCPartPicker 2017-01-19 11:44 EST-0500

[NTDaws]

Then I would buy one of these

 

http://www.ebay.ca/itm/10-100-1000M-PCIe-PCI-Express-to-4x-Gigabit-Card-Ethernet-Network-Adapter-4-Port-/361670797271?hash=item54354267d7:g:b~kAAOSwRoxXmwXn

[Sprawlie]

My First Tip:

 

if this is a business and is intended to support the livlhood and operation of that business, I recommend avoiding "home brew" solutions. Its fun to tinker and use some of those for home and personal use, but when you're dealing with data that could potentially make or break someones livelihood, you need to ensure it's done safely and robustly. It will however mean higher costs.

 

if you're going to build a server, Use server parts. Xeon's. good quality RAM, server grade drives and controllers. And remember, Redundancy, Redundancy Redundancy.

 

the last thing you ever want to have to admit is that data is lost because you opted to use cheap components. In the case of enterprise, Avoid off the shelf NAS units. make sure you use quality enterprise grade drives. 

 

And more importantly, ensure you have a safe and proper backup strategy to keep the data accessible should the hardware also fail

 

 

 

 

 

[leadeater]

Just use Office 365 or Google Apps for Work? I would avoid any solution where you/they have to purchase and maintain any hardware. For small businesses hosted solutions are a much safer and reliable option. Plus these are native web solutions and requires no setup on your part to use them as such.

[foxp3]

On 19.1.2017 at 11:58 PM, leadeater said:

Just use Office 365 or Google Apps for Work? I would avoid any solution where you/they have to purchase and maintain any hardware. For small businesses hosted solutions are a much safer and reliable option. Plus these are native web solutions and requires no setup on your part to use them as such.

The problem are European laws in this field of work. You are basically not allowed to host data on any non-european servers because the data privacy laws are not as thorough. So Dropbox, Google and Windows servers are to be honest out of the question. Although im sure there's other ways where our data is read and analyzed by secret services. But hey, we try to obey - although I think this is complete bullshit.

 

On 19.1.2017 at 6:41 PM, Sprawlie said:

My First Tip:

if this is a business and is intended to support the livlhood and operation of that business, I recommend avoiding "home brew" solutions. Its fun to tinker and use some of those for home and personal use, but when you're dealing with data that could potentially make or break someones livelihood, you need to ensure it's done safely and robustly. It will however mean higher costs.

if you're going to build a server, Use server parts. Xeon's. good quality RAM, server grade drives and controllers. And remember, Redundancy, Redundancy Redundancy.

the last thing you ever want to have to admit is that data is lost because you opted to use cheap components. In the case of enterprise, Avoid off the shelf NAS units. make sure you use quality enterprise grade drives.

And more importantly, ensure you have a safe and proper backup strategy to keep the data accessible should the hardware also fail

This is a great tip - thank you.

Do you have any idea which NAS is good for our purposes?

[leadeater]

15 minutes ago, foxp3 said:

The problem are European laws in this field of work. You are basically not allowed to host data on any non-european servers because the data privacy laws are not as thorough. So Dropbox, Google and Windows servers are to be honest out of the question. Although im sure there's other ways where our data is read and analyzed by secret services. But hey, we try to obey - although I think this is complete bullshit.

No Windows Servers makes zero sense...

 

Office 365 can comply with those regulations, localized Azure zones.

 

To be fair I'm not exactly a cloud supporter, most of the time it doesn't make any sense at all but unfortunately IT professionals don't always get to have the final say. Anyway most countries have similar laws but those are gradually changing due to the rise in cloud usage. For us recently medical data can now be stored outside of the country so long as there is a copy of the data locally.

 

There is most likely a local hosting provider that can offer similar services but at a slightly higher cost. I have seen many small businesses with significant problems due to lack of ongoing support and maintenance of hardware which is why these suit hosted solutions so much. If you can find a solution that doesn't involve buying hardware then that is what I'd advise to do even if it costs more.

 

If you really do want to buy hardware then have a look at QNAP range of NAS's, they are very good and I prefer them over Synology. QNAP also has cloud/internet access support inbuilt. https://www.myqnapcloud.com/

[foxp3]

So you guys wouldn't recommend having another desktop PC and create a home network with share folders? This PC would then synchronize to owncloud for backup.

[foxp3]

I'm sorry that I have to ask again.
Can you guys elaborate on the reasons why option 3 or 4 are not to be recommended?

 

Thank you!

[leadeater]

5 hours ago, foxp3 said:

I'm sorry that I have to ask again.
Can you guys elaborate on the reasons why option 3 or 4 are not to be recommended?

 

Thank you!

I don't see too much issue with option 3, I don't see a need for KeePass though. You can do all the required permissions natively with NTFS permissions, unless I'm missing something? You can also hide folders users don't have permissions to using DFS and access based enumeration.

 

Option 4 is something I wouldn't do. Home groups are not exactly great in any particular way, even in usability and simplicity to setup. Windows 7 and standard network shares would be better than home groups.

 

My vote out of the 4 options is number 2, QNAP or Synology, in conjunction with cloud backup of the NAS or using external USB disks via the front USB backup port.

[ssfdre38]

For me i would build a small forum factor server with windows server 2016 just so i can have some security to the computers and have backups on the server of the computer. Now you can do that at a data center or on location but that is what i would do and never use windows home groups in a business.

[samiscool51]

something like windows server would be overkill for file sharing to three computers on the network and unless your router allows computers to create a VPN it's extremely hard and not worth it

it's better to have a small NAS box and use the interrelated FTP services integrated and use that to host the files over the network and internet

[ssfdre38]

well im an overkill kind of person myself so i would do something like that

[foxp3]

3 hours ago, samiscool51 said:

something like windows server would be overkill for file sharing to three computers on the network and unless your router allows computers to create a VPN it's extremely hard and not worth it

it's better to have a small NAS box and use the interrelated FTP services integrated and use that to host the files over the network and internet

i am somewhat afraid of the configuration. i have to say windows server came only to my mind because i try to find a centralized password management. i used keepass but unfortunately you have to restrict rights at file-level for it to be safe. thats why i thought - "lets use a server and have proper user management". on the other hand i could start using the money i save by not buying a server and invest in a paid solution like 1password or any programme that has a proper user management built in. the rest of the work is really all about file sharing and cloud synchronization of the files to different devices across our town.

[Guest]

On 20/01/2017 at 4:41 AM, Sprawlie said:

if this is a business and is intended to support the livlhood and operation of that business, I recommend avoiding "home brew" solutions. Its fun to tinker and use some of those for home and personal use, but when you're dealing with data that could potentially make or break someones livelihood, you need to ensure it's done safely and robustly. It will however mean higher costs.

+1

 

On 20/01/2017 at 9:58 AM, leadeater said:

Just use Office 365 or Google Apps for Work? I would avoid any solution where you/they have to purchase and maintain any hardware. For small businesses hosted solutions are a much safer and reliable option. Plus these are native web solutions and requires no setup on your part to use them as such.

This is probably the best option - Office 365 Business or Office 365 Business Premium would be your best bet (bus prem gives you 50GB mailbox email hosting for your domain. Simply adjust DNS and MX records for the domain to point at 365 and 365 will host mail) - If you want more info on 365 plans for business, ask away.

 

Alternatively if you want to host it yourself, a QNAP NAS would be your best bet. This can be done one of two ways - either collocate a 1U NAS into a datacenter and let it run from there. This is a more reliable option as the DC will have SLA's to meet (availibility guarantee) - I'd recommend getting a NAS with redundant PSU's if possible.

 

Atlernatively you can host it locally however you'll be limited by your internet speed as well as the power availibility & reliability.

 

I was using a QNAP NAS at home for my file and media storage however I've given it just the movies/TV now as I've moved the more important data across to OneDrive as it's easier to intergrate into my ecosystem (web apps, iOS devices)

 

To further elaborate, building your own device or using a prebuilt server with Server 2012 R2 or Server 2016 is a terrible idea. Server OS's require more maintainence - Windows updates unless correctly configured/managed can require consistent attention, anti virus also is required.

 

 

 

[samiscool51]

10 minutes ago, foxp3 said:

i am somewhat afraid of the configuration. i have to say windows server came only to my mind because i try to find a centralized password management. i used keepass but unfortunately you have to restrict rights at file-level for it to be safe. thats why i thought - "lets use a server and have proper user management". on the other hand i could start using the money i save by not buying a server and invest in a paid solution like 1password or any programme that has a proper user management built in. the rest of the work is really all about file sharing and cloud synchronization of the files to different devices across our town.

then a NAS box would be the best for your needs...

[Mikensan]

I second office 365 or a qnap/synology both of which I feel confident support owncloud. If the qnap/synology breaks, it's a phonecall instead of a full day or night of troubleshooting and praying. You also get the entire device warrantied instead each individual part like you would a PC. Much easier to have a single vendor to call.

 

There's also the license cost of Windows Server which is about as much as an entry level synology/qnap. Though I would suggest Windows if you're going to use a home-brew setup. You can do permissions without AD but it's a hassle - you create a share with "everyone" with modify (not full) rights, then have whoever create a folder, disable inheritance and set their own permissions. The drawback (as with almost every NAS) is whoever controls the NAS controls all data (since they could take ownership).