Nick Stears, Author at VooServers
Reliable hardware  -  Trained Staff

HTTP/ HTTPS and SSL Certification

Horizontal White Line


You are here:  Support / Technical Blog

Posted on  - By

Hypertext Transfer Protocol, more commonly known via its acronym HTTP, is the method in which a website presents data and content from its own servers to your browser on any particular device. HTTP uses a basic text file that contains hyperlinks, which navigate through a website and provide information to load audio/visual and other content. HTTP has been the gold standard since the inception of the internet.

The fundamental issue with HTTP in the current climate is transparency, with sorely lacking privacy and security measures. As an example, eager hackers with little trouble, could access personal data / credit and debit card information by intercepting an online transaction a user has made through a website page, which could lead to a significant number of vulnerable customers. This is where HTTPS came in to provide a solution. If you happen across a website, using HTTPS It is most likely that the website employs an SSL Certificate. This authentication can be confirmed via a secure lock icon on the browser toolbar. An SSL Certificate encrypts data/ passwords etc. meaning any transactions or private data is very difficult for would be hackers to exploit business or consumer data.

HTTPS HTTP

HTTPS has now become the gold standard HTTP once was, especially in the current climate with increased data protection and how it helps ensure business and customer data is at a reduced risk of exploitation. Should your business not employ an SSL certificate and run on standard HTTP you will likely not only run the risk of data breaches of company information, you also send the message to customers that perhaps their best interests and security are not being met, effectively losing new and current customers in the process. Web browsers such as Google Chrome have already gone as far as showing a warning on a form submission, for example if the connection is not secure. This could potentially alienate further customers who would otherwise have been interested in a business’s products or services but become wary that the internet’s most popular search engine deems the website unsafe.

Here at VooServers we provide single SSL certificates, EV certificates, as well as Wildcard certificates. Wildcard certificates offer unlimited subdomain protection under a single domain, which depending on how many sub-domains you are securing can have a significant cost benefit as opposed to requiring a certificate for individual subdomains. However, it is worth noting that some of the advanced SSL features such as EV are not generally supported on wildcard certificates.

Installation is provided by VooServers technicians who also provide annual reminders to assure peace of mind that you have protective measures in place for both business data, as well as (and perhaps more importantly) your current and future customer base. VooServers can also assist in redirecting a HTTP site to HTTPS directing customers to the correct protocol. With increased data protection act regulations as well as GDPR coming into full force, now is the time to provide SSL certification for the business websites you present to the public.

For more information on SSL Certifications please contact our sales team at sales@vooservers.com or via telephone on (01622 524200) who will be happy to advise on our current pricing and certification options.





Posted on  - By

The hyper-converged market is rapidly growing in today’s climate; the market alone is worth upwards of one billion pounds and is thought to be growing at a rate of 150% every year. Those that do not understand what converged and hyper-converged infrastructure are I will try to explain in its simplest form.

With a non-converged infrastructure you have for example a virtualisation server (with Hyper-V/Xen/KVM etc), which would then connect to some form of data storage via direct attached storage (DAS), storage area network (SAN) or a network attached storage (NAS) device. The virtual machines’ disks are hosted completely separately from the virtualisation server. The storage device will have some form of raid configured and optimised for performance and redundancy, but the key is they are completely separate; you would generally connect multiple virtualisation servers to the storage array.

With a hyper-converged infrastructure, everything is rolled into one, disks are stored on the same server with a storage controller running as a service on each node (you need a minimum of two nodes) which means you can scale your cluster while also maintaining the redundancy and resiliency that a storage device gives you. Storage is then abstracted as a separate layer which is used to create virtual san’s within the same hardware, demonstrated in the picture below:

Hyper-converged

With Windows Server 2016, hyper-converged is made possible by a feature called Storage Spaces Direct. This technology allows multiple nodes within the same cluster to see each disk as if it was is its own (from every node available in the cluster). Storage Spaces Direct also makes sure that every disk is resilient, so there are at least 2 copies of the data split across multiple nodes. If there is a faulty node or faulty disk, the data from that disk is still intact elsewhere. Storage Spaces Direct acts as a storage controller, which replaces the need for physical hardware raid, although you can still use both for performance gains.

The amount of nodes you have in your cluster determines how resilient you can make your infrastructure and how efficient it is. In a simple 2-node cluster, which is the lowest entry point in this infrastructure (for obvious reasons) you would be limited to a two-way mirror, this allows for a complete failure of one node. To determine which machine is live in the event of a failure you do require an external witness server, this can be anything within your network outside of your cluster, but could also be externally cloud based. A witness server is used to make the deciding vote when a node fails, so if node 1 can not communicate with node 2, and visa versa, the external witness will have the final say as to which node should be active. It is used primarily in even node clusters to ensure that there is always a majority vote in the event of a hardware or network failure with one or multiple nodes. When setting up a 3-node cluster Microsoft recommend a 3-way mirror, this allows failure of one node as well as a failed disk on a second node simultaneously, so an extra layer of redundancy compared to the 2-node cluster, a witness server is not required for this setup as 3 nodes are used so there will always be a deciding vote. A 4-Node cluster allows for dual parity, which adds another layer of redundancy and is the recommended setup by Microsoft for optimal performance. There are also figures to suggest that a four Node-Cluster is 50% more efficient, an 8-Node is 66% more efficient and a 16-Node improves efficiency up to 80% with a full SSD configuration.

There are many other features under the hood that deserve an honourable mention. One example is that you can set priorities on Virtual machines. If you need to take one node down and you do not have the memory to fail all VM’s to a different node you can set different priority levels. What this means is that when a node is put into maintenance, it will always prioritise moving the VM with the highest priority to the next available node. If there is an insufficient amount of memory to move all of the virtual machines then those with a lower priority will pause until the original node is brought back online.

The health service which monitors the state of the drives in your nodes has also been improved over 2012 R2, if a disk fails for any particular reason the end user will be notified, the disk will be highlighted within the node and can be replaced and rebuilt without any intervention (other than physically replacing the disk).

This was just a small glimpse into hyper-convergence and we look forward to rolling this out in the coming months to many of you! If you are interested in this technology, feel free to contact us by email at sales@vooservers.com or call us on 0800 0803 200 for more information to discuss your requirements.





Posted on  - By

In our industry, uptime is absolutely everything, we need to ensure services are online 100% of the time regardless of issues with network or hardware. To ensure we meet such high standards, when they are required, we use ARCserve HyperV High Availability and Assured Recovery to ensure we are never vulnerable to downtime. VooServers prides itself on having multiple points of presence, which gives us the flexibility of offering customers the option of additional failover to another site in the event of a failure at power or network level. The concept is relatively simple, both servers must be running the same operating system, have the ARCserve engine driver running and HyperV installed:



Let’s say for example Server A is your master server, the server that will be active 99% of the time generally. The control panel is used to configure the failover scenario, which can be highly customisable, I will tackle some of those features shortly. Server A is constantly checking whether Server B (located in Germany – known as the replica) is online, while Server B is also checking Server A is also online. The Virtual machine data and disks from HyperV are constantly replicating from Server A to Server B to ensure both Master and Replica are completely up to date in the event of a failover.

The operating system on the master develops a disk fault and crashes, the replica (Server B) spots that the master has gone offline and instantly calls itself into action, bringing the virtual machines online right where things were left off before the crash on the master. The whole process takes no longer than a minute and is completely seamless. When you have resolved any issues with Server A (currently now the replica), and the data spool is fully synced and up to date, you can fail the server back over and continue as normal. This also opens up the possibility of making maintenance quick and easy, simply bring the VM up in one location, make it live, and work on the other in the meantime. You can then test your upgrades/changes work in a test environment without worrying about any impact on the live system.

The control panel software is highly customisable, you can create reports, configure email alerts, install/update agents remotely, as well as altering the failover process. For instance if you would prefer to manually failover the HyperV scenarios then that is an option you can configure from within the control panel.

Failover


You can also configure snapshots from within the control panel, this allows you to mount the virtual machine from a single point in time. A quick example of this, if you lost a file for whatever reason 2 days ago and couldn’t take the machine offline on the master, you could simply mount the snapshot of that particular VM from the data required on the replica, find the file you need and then move it back over to your master, all without the need to take anything offline at any point. It’s all very straight forward and gives you the reassurance that you always have 2 active copies of your data in two completely separate infrastructures. With HA Assured Recovery you are always one step ahead when it comes to ensuring your systems are online – all the time.





Posted on  - By

Backing up laptops and office computers for most companies is imperative, whether it be your accountant with important financial documents, your designer with important website content or your Managing Directors email data, it’s crucial that your data is safe and recoverable. It is equally important however for companies to do their bit for the environment and ensure workstations are switched off when not in use to cut down on power costs and energy. The main problem with this is when; laptop lids get shut, pc’s get set on standby, your precious data never likely gets a chance to back itself up properly. With Backup2Go none of this matters, your workstations will backup wherever they are, at whatever time, providing it has internet access and power. It can do all this without the need to begin a backup from scratch. With very little administration required, Backup2Go is software you can depend on.

One of the reasons we started to look at Backup2Go is it seamlessly supports Windows, Macs and Linux based operating systems, a must for offices who give their employees the choice of OS. Once the agent is downloaded and installed, a quick 5 minute setup to configure which server to back up to and you are ready to go. With Backup2Go the administration is a doddle. Once you have your P5 backup server setup and a template in place you can begin assigning agents to it. The configurable options on the templates are extremely useful:

Backup2go
You can limit the amount of bandwidth the backups use, whether you want the data transfer encrypted or if you want backups disabled on battery power amongst other options. The settings from the template will always take priority unless of course you let the workstation decide. This is great if you want to enforce the backup of certain directories or if you want all agents to back up every X amount of hours.

When the backups are running, you can conveniently administrate all of your agents in the P5 overview control panel where a traffic light system is used to view the current status of all the running agents. This makes it clear to see how long ago it has been since the last successful backup or if there are any problems.

Backup2go
Since backups are likely to be performed each day, the volume of data for each backup increment will remain small meaning minimal server and network load. If you want to specifically deny backups during certain times of the day you can do this too, you may for instance want to deny backups during peak times in the day when productivity needs to be at its highest.

Restoring files is equally as simple and can be done on the user’s workstation or from the P5 administration panel. This takes away the hassle of having to contact your backup admin as users can simply login to the agent themselves and restore their files from any given time (displayed on the right of the screenshot below).

VooServers the best at BackUp2Go


We have been very impressed with the flexibility Backup2Go offers, it allows us to manage backups of client’s laptops and workstations with the freedom of knowing that their data is being securely backed up regardless of where they are.





Posted on  - By

For any IT related company in ownership of IP space using Cisco hardware, it is usually good practice to assign specific subnets to clients in their own vlan, with IPv4 space becoming sparse this will usually be something as low as a /30 or even a /32. Although this makes administration a lot easier there are still companies that distribute entire /24 blocks in one vlan and distribute a few IP’s from this pool, trusting that they will only use the IP’s they have been assigned. This is all well and good however you are purely relying on trust here, and from time to time clients may attempt to take advantage of the situation and use additional IP’s that do not belong to them. There is also the scenario where you simply may have mistakenly assigned somebody the wrong IP address. Fortunately we can quite easily track the culprit port on the Cisco with a few simple commands.

The first step is to ping the IP in question from another IP within that subnet, this is important as it will show up in the arp table and display the mac address we require. Once you have sent a ping to the port in question, in windows command prompt type arp – a, in Linux simply just type arp. Arp stands for address resolution protocol and is used for resolution of network layer addresses into link layer addresses, here we will be able to see the IP we have just pinged and the mac address we have associated with it.

The next thing we need to do is login to our cisco devices, here we have logged onto our router and broke the 12 character mac address into 3 sections of 4 separated by a dot for Cisco to understand:

cisco router


This shows the mac address of the server you are looking for, the formatting can vary however the formatting needed by cisco routers/switches will be XXXX.XXXX.XXXX. You can see here that the address is being broadcasted from port Gi1/8. Running a simple ‘show int status’ will reveal more information on the port if you have labelled properly.

cisco router


You can then locate the server in question/stop why it appears to be broadcasting an IP that does not belong to them, all very simple and will quickly resolve any IP conflicts that could be effecting you or your clients.





Posted on  - By

Here at Vooservers we use OwnCloud as a simple way of uploading and storing files on a server for ease of distributing direct link downloads to our clients, but as we begin to explore OwnCloud in more detail we found there’s a lot more under the hood then initially meets the eye.

OwnCloud Logo


For those that have not used OwnCloud before, it’s a free, open source piece of software installed on a server (you own) that operates as a very simple way to sync your files from one place to another. There are comparisons made with Dropbox and that is partly true in the way it works, but the key fundamental difference is that with OwnCloud you know where your files are being stored, with DropBox you are paying for storage space in which your files are dotted around the globe somewhere in which you have no control over. For some that is not an issue, but for those that like to know their confidential documents are safe, OwnCloud provides this.

The server software installation is very straight forward, compatible with both Windows and Linux. When you have OwnCloud Server setup, simply install the desktop client to synchronise the directory’s that you want to Sync and OwnCloud will sync any files placed into this directory automatically. There is even a mobile app that works with android/iOS and will sync files and photos, you can then set your phone to synchronise when you connect to Wi-Fi (to save wasting your mobile data). Let’s put that into an example, you are a photographer taking photos for a report that is being written back in the office by a colleague. You take a few photos and within 5 seconds they are readily accessible on OwnCloud for your colleague to add to his report, it saves time and is completely seamless.

OwnCloud Upload


This is just one of the many handy features that OwnCloud offers, for instance we regularly need to send clients large files, with OwnCloud we can drop them on the server and password protect the link and send directly to the client, again all very quick and simple. OwnCloud hasn’t tried to reinvent the wheel here and as with anything there are other ways this could be done, but the simple to use user interface makes it our first choice for storing and sharing files for the foreseeable future.





Posted on  - By

Keeping your data safe is imperative for most organisations, people say ‘you can never have enough backups’ and that maybe a little cliché however it really is genuinely a good ethos to adapt if you are concerned about data loss. Here at VooServers we use R1soft’s CDP as it gives us the flexibility and customisation needed to ensure we have everything backed up and stored in one centralised location.

There are three fundamental parts to CDP server, the server, the disk safe and the policy. Adding the server is a relatively painless task, it’s simply a matter of installing a small agent on the destination server (compatible with Linux, Windows amongst others), add a key to allow the two servers to authenticate and your all set.

communicating with agent


Creating the disk safe is just as simple and allows you the flexibly of adding either a single disk, multiple disks, or automatically add all disks to the server. This is obviously quite handy if you are regularly adding new disks to a system as it saves a lot of administrative time.

The final and most crucial part of the procedure is adding and configuring the policies. This is where R1soft shines, simply select the server, select the disk safe and then customise the policy exactly how you want it. For instance you can set the backup frequency to daily, hourly, minutely and then set the amount of recovery points to how many days’ worth of backups you require. To give you an example if you backed up a server every hour and you wanted to hold the data for a month, you would set 744 recovery points (24 in a day X 31 days in a month). This allows you to restore from 744 different points in time over the space of a month, giving you ultimate flexibility, of course you can back up/retain more frequently if you prefer.

Other than the scheduling and retention periods, there are further customisations that can be made, for instance you can exclude certain files/directories from backups, you can backup individual databases via MySql/SQL add-ons, there is also an add-on to backup all Exchange instances or Cpanel accounts.


edit policy


Let’s take a typical case study, you have a multiple user Cpanel server with a dozen or so SQL databases. A user makes an error and corrupts his SQL database, taking his website offline potentially losing revenue. With R1soft CDP we can simply select a restore point (usually a few moments before the error has been made), find the correct database, click restore and the database will be back to a working state within minutes! With this type of backup power at our disposal we can feel confident in the knowledge that any mistake can be put right with just a couple of clicks!


files restore summary






© VooServers Ltd 2016 - All Rights Reserved
Company No. 05598156