🖇️ 🥔 👣 6 key questions when moving a business to the cloud 💆🏾 🏾 😭

Due to forced vacations, even large companies with developed IT infrastructure find it difficult to organize remote work of personnel, and small businesses simply do not have enough resources to deploy the necessary services. Another problem is related to information security: opening access to the internal network from employees' home computers is risky without the use of specialized enterprise-class products. Renting virtual servers does not require capital expenditures and allows you to make temporary solutions outside the secure perimeter. In a short article, we will consider several typical scenarios for using VDS in self-isolation conditions. It should be noted right away that the article is orientation and is oriented more towards those who only delve into the topic.

1. Should I use VDS to configure VPN?

A virtual private network is essential for employees to securely access internal corporate resources over the Internet. The VPN server can be raised on a router or inside a secure perimeter, but in the conditions of self-isolation, the number of simultaneously connected remote users will increase, which means you will need a productive router or a dedicated computer. Using existing ones (for example, a mail server or a web server) is unsafe. VPN is already working in many companies, but if it is not already there or if the router is not random enough to service all remote connections, ordering an external virtual server will save money and simplify setup.

2. How to organize a VPN service on VDS?

First you need to order VDS. Small companies do not need powerful configurations to create their own VPNs - an entry-level server on GNU / Linux is enough. If the computing resources are insufficient, they can always be increased. It remains to choose the protocol and software for organizing client connections to the VPN server. There are many options, we recommend staying with Ubuntu Linux and SoftEther- This open cross-platform server and VPN client is easy to configure, supports various protocols and provides strong encryption. After configuring the server, the most interesting thing remains: client accounts and setting up remote connections from employees' home computers. In order to provide employees with access to the office LAN, you will have to connect the server to the LAN router via an encrypted tunnel and here SoftEther will help us again.

3. Why do we need our own video conferencing service (VKS)?

E-mail and instant messengers are not enough to replace daily communication in the office on business issues or for distance learning. With the transition to udalenka, small businesses and educational institutions began to actively develop public services for organizing teleconferences in audio and video format. The recent scandal with Zoom revealed the malignity of this idea: it turned out that even market leaders do not care enough about privacy.

You can create your own conferencing service, but deploying it at the office is not always advisable. This will require a productive computer and, most importantly, high bandwidth Internet connection. Without experience, company specialists may incorrectly calculate resource requirements and order too weak or too powerful and expensive configurations, and it is not always possible to expand the channel on the areas rented in the business center. In addition, launching a VKS service accessible from the Internet inside a secure perimeter is not the best idea from the point of view of information security.

A virtual server is ideal for solving the problem: it requires only a monthly subscription, while the computing power can be increased or decreased as you like. In addition, it is easy to deploy a secure messenger with the possibility of group chats, helpdesk, document storage, a source repository and any other related temporary service for teamwork and home training on VDS. A virtual server does not have to be connected to the office network if the applications running on it do not require it: you can simply copy the necessary data.

4. How to organize teamwork and training at home?

First of all, you need to choose a software VKS solution. Small businesses should focus on free and shareware products, such as, for example, Apache OpenMeetings - this open platform allows you to conduct video conferences, webinars, broadcasts and presentations, as well as organize distance learning. Its functionality is similar to the functionality of commercial systems:

video and sound transmission;
common boards and common screens;
general and private chats;
mail client for correspondence and mailings;
built-in calendar for event planning;
polls and polls;
exchange of documents and files;
web event recording
unlimited number of virtual rooms;
Android mobile client.

It is worth noting the high level of OpenMeetings security, as well as the ability to customize and integrate the platform with popular CMS, training systems and office IP-telephony. The disadvantage of the solution is a consequence of its advantages: it is quite difficult to configure open source software. Another open source product with similar functionality is BigBlueButton . Small teams can choose shareware versions of commercial videoconferencing servers, such as, for example, domestic TrueConf Server Free or VideoMost . The latter is also suitable for large organizations: due to the self-isolation mode, the developer allows using the version for 1000 users for free for three months.

At the next stage, you need to study the documentation, calculate the need for resources and order VDS. Typically, deploying a videoconferencing server requires mid-range configurations on GNU / Linux or Windows with sufficient RAM and storage. Of course, everything depends on the tasks being solved, but VDS allows you to experiment: adding resources or abandoning unnecessary ones is never too late. In the end, the most interesting part will remain: configure the videoconferencing server and related software, create user accounts and, if necessary, install client programs.

5. How to replace unsafe home computers?

Even if the company has a virtual private network, this will not solve all the problems with secure remote work. Under normal circumstances, not many people with limited access to internal resources connect to the VPN. When the whole office is working at home - this is a completely different sport. Personal computers of employees may be infected with malware, households use them, and the configuration of machines often does not meet corporate requirements.
It’s unprofitable to give laptops to everyone, new-fangled cloud desktop virtualization solutions are also expensive, but there is a way out - Remote Desktop Services (RDS) on Windows. Deploying them in a virtual machine is a great idea. All employees will work with a standard set of applications and control access to LAN services from a single node will become much easier. You can even rent a virtual server along with antivirus software to save on a license purchase. Say we have anti-virus protection from Kaspersky Lab available in any configuration on Windows.

6. How to configure RDS on a virtual server?

First you need to order VDS, focusing on the need for computing resources. In each case, it is individual, but RDS needs a powerful configuration: at least four cores, a gigabyte of memory for each of the users working simultaneously and about 4 GB for the system, as well as a fairly large amount of storage. The bandwidth of the channel should be calculated based on the need of 250 Kbps per user.

As standard, Windows Server allows you to simultaneously create no more than two RDP sessions and only for computer administration. To configure full-fledged Remote Desktop Services, you will have to add server roles and components, activate the licensing server or use an external one, and install client access licenses (CALs), which are purchased separately. Renting a powerful VDS and terminal licenses for Windows Server will cost a lot, but it’s more profitable to buy an “iron” server, which will be needed for a relatively short time and for which you still have to purchase RDS CAL. In addition, there is an option not to pay for licenses legally: within 120 days, RDS can be used in a trial mode.

Starting with Windows Server 2012, it is desirable to enter the machine into the Active Directory (AD) domain to use RDS. Although this can be dispensed with in many cases, connecting a separate virtual server with a real IP to a domain deployed in an office LAN via a VPN is not difficult. In addition, users will still need access from virtual desktops to internal corporate resources. To make your life easier, you should contact a provider who will pick up services on the client’s virtual machine. In particular, if you purchase RDS CALs from RuVDS, our technical support will install them on your own licensing server and configure Remote Desktop Services on the client’s virtual machine.

Using RDS will relieve IT specialists of the headache by bringing the software configuration of employees' home computers to a common corporate denominator and greatly simplify the remote administration of user workstations.

And how did your company implement interesting ideas for using VDS during general self-isolation?