jump to navigation

Why Windows Small Business Server Doesn’t Work for Small Business October 26, 2006

Posted by selkowitz in Networking, Security, Software.
1 comment so far

When small businesses think of servers, they often think of Windows Small Business Server (SBS) as the natural choice due to their familiarity with Windows desktops. Unfortunately that isn’t necessarily the best choice to provide server functionality.

The first question any small business should ask themselves when looking at a server is what functionality are you seeking? The reality is most small businesses use their servers for a few simple tasks – file storage and sharing, backup, user login authentication, calendar sharing, maybe email (often they use the webhost), and firewall/remote access. Lets look to see if Windows SBS actually fulfills these needs efficiently.

File Storage and Sharing
Windows SBS does a fine job of serving up files, but is lacking in ease of setup. It seems obvious that if you add a user you’d want to give that user straightforward access to their file share, Windows desktop does that by mapping the drive – but Windows SBS doesn’t make that a simple option! The same goes for groups to share data. Making using the server more difficult to the end user leads to people not storing data on the server but rather their desktop – meaning its probably not being backed up.

Windows SBS backup is largely worthless. I’ll give one simple example – Windows SBS backup can’t even backup Exchange data properly – and Exchange is integrated in the system! Don’t even get me started on SQL, open files, etc. Realistically recovery from a hard drive crash is days of work and thousands of dollars. Of course this can be solved by integrating third party hardware and software, at additional cost.

User Login Authentication
Windows does fine here, Active Directory is certainly complex and overkill, but not too difficult to manage or full of pitfalls.

Calendar Sharing and Email
This falls under the loved and hated Exchange component of SBS. Exchange is both powerful and complex, so much so that some people’s careers are dedicated to just Exchange administration and multiple magazines focus solely on this component. My favorite example of the difficulties of Exchange is the article “My Thirteen Days in Exchange Hell” detailing Outlook Power Magazine’s own experience in restoring their backups after their Exchange server crashed. If a magazine dedicated to Exchange power users can’t prevent or recover from a crash in a timely manner – what chance does an average small business have?

Of course no email system is complete without antivirus and antispam, which of course means more third party integration.

Firewall/Remote Access
Windows SBS Standard doesn’t include a firewall and while Premium does, I wouldn’t recommend trusting any security issue to Windows give the poor security history of the product. In which case if you use a third party hardware firewall, most include great VPN remote access capabilities – so while Windows SBS does include VPN remote access its best left to the firewall.

The Integration Problem
In cases of backup, antivirus and antispam, and firewall you’ll need to integrate third party systems to make everything work – thats where the costs and risks multiply. Third party solutions mean more setup time, more testing time, and a greater risk of conflicts. No longer is Windows SBS an off the shelf solution but instead a do-it-yourself project. Since no one vendor is testing the whole custom package, you end up paying your consultants to do this work.

The Real World
What we see in the real world is most Windows SBS installations have serious problems. In most cases they start out with the best intent, but the project snowballs and gets cut off, because unfortunately few consultants really know how to do Windows SBS right (or quote accurately) and fewer companies know what to expect or desire to pay so much to get it done right.

The often humorous oversights, lack of valuable integration, and overwhelming ability to do things wrong with Windows SBS makes it truly impractical for most small businesses. Windows SBS gives you nearly unlimited ability but at high cost and risk – ultimately limited ability that small businesses truly need in a secure and integrated package is far more desirable.


What’s Really Involved in Picking and Changing ISPs September 30, 2006

Posted by selkowitz in Networking.
add a comment

Hardly any business can survive without internet access, yet as critical as it is most businesses underestimate the complexity of choosing or switching internet service providers (ISPs).

What makes this oftentimes more complex is the companies selling internet service (phone companies and cable TV companies) usually don’t have salespeople that understand computer networks.

Here’s a few issues in picking a provider:

An SLA or service line agreement is a promise the ISP makes regarding uptime, performance, and repair times. Not all services have SLAs and your company may not need it – but its a consideration. Any service without an SLA is “best effort” and their definition of “best” and “effort” may not be yours.

Support varies incredibly, some companies a large, well trained staff available 24/7 and others will get back to you in a few hours or days. I’ve even had the case where the one guy who could handle hosting issues was out for a week, so email couldn’t get setup! Ask some serious questions here and even call the support line to see if you get a menu, human, or voicemail.

Not all networks are built the same – some have better equipment, better backbones, lower utilization, etc. Even who’s on their network can matter – for example if your business service runs on the same network as residential service you may see slowdowns in the afternoons as kids get home from school.

Issues like dynamic or static IPs, bridged or routed mode, etc are very important and not all providers support all options (or charge excessively for them).

Speed is the issue most advertised, but while its an issue, its often misrepresented. For example yes, Cable has a much faster theoretical download speed than a T1, but no guarantees. Plus a T1 delivers significantly greater upload speeds which is important for VPNs, mail servers, and any business sending out files. Not to mention the latency issues when running VPNs or RDC.

Once you pick a service and provider, you may need to change quite a bit – and chances are your new ISP won’t help.

If you use static IPs, you’ll need to have someone on hand to reconfigure the firewall.

If you’re switching your web hosting to the new ISP, you’ll need to migrate hosting and change DNS settings with your registrar.

MX Records
If you run a mailserver, you’ll need to change your MX records with the webhost to continue to receive mail. Ideally you have both the old and new MX IPs in the DNS during the change to make the change smoother.

Reverse DNS
If you run a mailserver, you’ll also want to request a reverse DNS entry from the ISP to help your mail be properly identified as legit instead of spam.

External Access
If you access the network externally by IP instead of domain name, you’ll need to change all those settings to once again connect. This most likely will affect VPN users.

Its not to say the companies selling internet service are bad for not helping – this is highly complex stuff which varies by each network, making it best left to your own IT staff or consultants. Obviously since we sell phone and internet service we provide this service to our clients often at no charge, but we’re rare in doing this.