Posted by: Tavis Patterson on May 20, 2016 at 12:06 pm
If you follow our blog, you saw Part I of this series where we described the small business IT network in 2016 and focused on the onsite network at your own location. This type of scenario, as we summarized, is for the risk-averse that are frightened by security concerns in the cloud. It also is wise for small businesses in territories with limited bandwidth. This is probably characterized by a connection that is 10 Mbps or less. If you’re in this scenario then stick with Option I: Onsite network.
Option II is a new category of small business network that we characterize as Hybrid Cloud. Who does Hybrid Cloud work for?
- Engineering Companies – Typical engineering companies have employees who run CAD or some other graphics intensive system. Although there are cloud systems out there that claim to run engineering applications, we just haven’t seen the user experience be as good as onsite data collection.
- Graphics Companies – Those that work with heavy graphics all the time are also in this category.
- Video Companies – Those that work with video files day in and day out will want to look at this option.
- “Cloud Waders” – These are companies that want to start to get their feet wet when it comes to cloud but aren’t 100% sold on doing everything in the cloud. The Hybrid Cloud approach is perfect for these companies as it gives them a chance to try the cloud but yet have files onsite in case an Internet provider goes down or a Cloud provider goes down.
CONS: It the most expensive network option of the 3 we propose.
So what’s involved with Hybrid Cloud?
Option II: Hybrid Cloud
- Firewall – Once again we start with a state-of-the-art firewall. Every business needs this advanced threat monitoring. If there was one monthly fee that I would pay if I was starting a business today it would be for this firewall. It needs to be updated regularly and constantly monitoring for all new threats as they come out. As stated before, we use the SonicWall® series of firewall. Typical small businesses can get by with a TZ 300 or TZ 500.
- Email – As in our previous approach with onsite networks, we recommend Office 365 for Exchange email for a business. It just provides the best cost versus the negative of having to worry about maintenance and updating. For most small businesses we recommend Small Business Essentials as the package to get for just email. Small Business Premium can be used when Office needs to be downloaded and purchased.
- On Site AD/File and Print Server – Using the firewall mentioned in point #1, we create a point-to-point VPN between the data center and the client’s location. We then set up a server with Microsoft Server 2012 R2 with Active Directory on a server onsite at the clients location and one at the data center. This replication gives security in both locations and allows for quick and simple logins from both the Cloud and the onsite workstations. We also set up the onsite server with replicated data from the data center that only changes when the file changes in either location. This server also controls all printer functions as well onsite.
- Cloud AD Server – We put a virtual server in the data center for our clients connected directly via VPN as described in point #3. This allows quick logins to the Cloud session. It also allows for connecting to Office 365 for login replication so that a user doesn’t have to remember 2 passwords. Something no user wants to do.
- Cloud RAS Server – Next to the AD Server we put another virtual server running Microsoft Server 2012 R2 with Remote Desktop connections. On top of this we layer either Parallels Remote Access Server or Citrix Xenapp. Why do this added expense? It provides a better user experience than just running Remote Desktop services alone. It has an easy-to-use client that can be cross-platform and give the user the best experience on any Android, iOS, Windows or Apple device. It also allows certain users onsite at a client to run a thin client machine and cut down on costs. We layer all the business applications on this server and lock it down so that users can’t destroy the thing.
- Workstations, Wireless and Switches – Check out our previous post on that for what we do. The only change is that now we can use thin terminal devices if we desire as described in point #5. Why is that nice? How often do you get frustrated when a user downloads a virus to his machine and you have to go and fix it? For users with this option we never have to worry about that. And if a device fails, it’s as easy as unplugging the old one and plugging in the new one for the user. Admin Warning: Some folks just don’t like thin clients. Why? They aren’t in control. They are use to downloading and doing everything on their own PCs and getting themselves into trouble. If you have a business where people are “free thinkers” you probably are going to hear about it. But for most who just want to get their work done having a thin client is a no brainer.
OK that’s Option II. Is a Hybrid Cloud approach best for you? Perhaps you’re just ready for Option III – Total Cloud. That’ll be addressed in our third blog post on this subject. Let us know if we can help in any way!