In a previous blog entry, I talked about my network infrastructure.

Some things have changed since then, so I figured it would be a good idea to outline what I've changed.

Firewall

I'm still using PFSense. It's fantastic. There was one hitch, the hard drive on that old notebook died. Fortunately, you can run PFSense off the boot CD and use a USB key to store the data. That's exactly what I'm doing.

Network Storage

I mentioned in the earlier article that I was using FreeNAS. Well, that didn't work out too great. As hardware begins to fail (my RAID 1 did), it becomes a bit of a pain to get things off. I have since retired that FreeNAS box and changed my storage strategy completely. You know, it's cool to build your own hardware, etc. but it's also a huge time suck.

Failures don't happen when you're bored, they happen when you're too busy to be spending time fixing things.

Since most of my machines are Macs, I've put an external drive on each of them and have them running Time Machine. On my main machine, I alternate between two different Time Machine drives for a little extra bit of safety.

With the multiple hard drive failures in the past 12 months, I got sick of giving money to hard drive manufacturers, and bought a subscription to CrashPlan. All of my critical data is archived into the cloud this way. A bonus is that the software lets you back up to other computers on the network. As such, each of my Macs has two extra backup copies stored elsewhere in my home network. The cost of the subscription for me is less than the cost of one hard drive per year. Totally worthwhile.

Finally, I am using Dropbox, a cloud file syncing service. This is a fantastic service. I believe you can get a 2GB account for free. I am also a paying subscriber with Dropbox as well. It is invaluable for sharing data across your computers and mobile devices. Note that the difference between Dropbox and Crashplan is that I use Dropbox for live files, and Crashplan for archived files. It's a subtle but important difference.

This isn't related to business intelligence per se, but something that many small businesses could use.

Over the Christmas holidays, I made a couple of key changes to my infrastructure, and I thought that I would share my experience.

Firewall

The first change I made was to deploy a firewall appliance. For the longest time, I've been using a Linksys MIMO wireless router as my "gateway" to the Internets. I've always wanted a Sonicwall, but didn't want to blow an easy grand on one. I had an old, old laptop that wasn't being used, whose sale value in today's world is basically $0. So I had a choice - spend $800+ or $0 + some time.

To implement a firewall, you basically need a machine with 2 NICs. Fortunately, I had an "old" gigabit PCMCIA card lying around that could be repurposed for the firewall. The next step was to find an appliance distribution that worked with my hardware. I did have my heart set on Smoothwall, but as luck would have it, it didn't like my hardware. M0n0wall was my second choice, but it was a little less than robust with my non-standard hardware configuration. Finally, I went with PFSense, a M0n0wall fork that had better hardware compatibility. Note that you can't go wrong with any of the three appliance distros that I mentioned. Pick the one that works best with the hardware you've got.

Physical deployment of PFSense took maybe 30 minutes. Maybe. Configuring PFSense to my obsessive compulsive ways took maybe an additional hour, and that was mostly data entry on my part, entering MAC addresses for static DCHP assignments. For most other people, they probably would have only needed to spend an additional 10 minutes configuring PFSense.

The only unexpected side effect of using PFSense over my old router was that my Internet access seemed a bit faster. I assume that having a P4 class CPU makes it a lot easier to be pushing bits across an internal LAN. While PFSense can act as a wireless access point, I didn't really need that functionality. I had already deprecated that duty from my old router as well. In case you're wondering what I use, I use an Apple Airport Express to handle the wireless duties in my network.

Network Storage

The second change I made was to reconstruct my file server. Because I have a Mac centric network, I had been using an x86 box running Tiger and Sharepoints to manage my shares. A couple of the drives went caca, which took down the server. I had toyed with the idea of trying to get a square peg (OSX) to fit into a round hole (x86 white box) wasn't very appetizing. While the AFP file access was blistering fast, the care and feeding was more than I wanted to deal with. In the end, I opted to use FreeNas. I loaded the box up with 6 drives and got down to business. One of the volumes is set to RAID1, and the other is RAID5.

A word of caution. Everyone tells you to use RAID5 because it's the best compromise between speed and redundancy, but remember that RAID only helps you with physical drive failures, not viruses, accidents or other hazards. Caveat emptor.

The great thing about FreeNAS is that it's versatile. It supports AFP and SMB out of the box. It also provides a couple of other niceties such as iTunes and DNLA media serving. As with any storage solution, make sure you have offline backups. Without those, you're toast if something goes wrong. Once again, RAID is not an insurance policy, only a convenience.