Case Study

Case Study XYZ International Australia
XYZ International is a real Christian mission. In the interests of privacy their name have been removed.

In January 2003, XYZ's office had a network of approximately 11 desktops/laptops, 3 printers, an NT server running on a Dell 1400SC server (Dual Pentium III 933MHz processor, 512Mb RAM and an 18Gb U160 SCSI 10K  HDD, with IDE Travan TR5 tape drive). The office was connected to the internet using a Telstra ADSL with a dynamic IP address connection using an Alcatel modem and dedicated router.

XYZ was interested in investigating the use of Linux based servers internationally, and they were wanting to avoid purchasing Win2000 plus CALs. XYZ International had also requested the installation of a Linux based firewall/router called IPCop so that future IS developments could be supported using a VPN. They were also experiencing problems with the ADSL connection dropping out regulalry and issues using their EftPOS processing terminal.

SME Server
Crosscape Technology Ltd suggested replacing NT with the Mitel SME server (also known as e-smith and now released to the community as SMEserver). This is a customised installation of Redhat Linux, with a number of features to provide similar features to the MS Small Business server, such as file serving, web serving, email delivery and a basic firewall. Most management is performed using a web interface. XYZ was considering transferring mail delivery to an internal server in the future, when a static IP address was obtained, rather than using an external server for all mail delivery.

SME version 5.5 was installed on the Dell server after all data was backed up using an NT backup and copied to another PC. Another (almost identical) disk was installed in the server, with the aim of creating a mirror disk system. However SME only supports this when the disks have identical layouts, and these didn't quite match. A lesson learnt is that for automatic disk mirroring on installation with SME the disks must be totally identical. (This is a limitation of the installation scripts, and not Linux per se).

Once installed a number of disk layouts were trialled. The SME allows different shares to be accessible by different groups which users can belong to. Sometimes it is simpler to use a simple filesystem arrangement, although it  lessens security. The aim was to separate a number of functions, but in practice it was found that this did not match work practices.

One slight downfall of the SME server is in printer administration. The web interface does not allow printer management such as cancelling jobs. Users can cancel their own print jobs.

The SME server backs up its data to the Travan tape drive installed.
It was hoped by XYZ that a Firewire disk would be able to be connected to the server, however suitable drivers were not available in the version of Linux used in the SME server.

Since initial installation a number of extra capabilities have been added to the SME server. It now acts as the mail server for the domain, after moving to a different ADSL supplier with a static IP address. Capability has been added to manage vacation messages. A test area for the organisation's website was established on the server.

Crosscape is able to remotely access the SME server using a secure, encrypted ssh session to administer and customise the system using line commands.
Sustained file transfer performance increased by about 35% for large files, and approximately 80% for small files.

IPCop is also a customised Linux install providing a routing and firewall capability on a PC, including an IPSEC VPN capability. There are additional modules available to provide other capabilities, such as filtering by content, a module which XYZ was to later install. XYZ International had specified its use so as to enable the establishment of a VPN with its offices in Europe for support purposes. XYZ downloaded and installed a CD image on a suitable 'low powered' PC with dual network cards. Crosscape configured this as a firewall, allowing email transit to the internal SME server for mail delivery when that function was desired.

This replace the existing router, and actually provided increased security, and stability.

ADSL network performance improved by approximately 50% after this change. This may be partially attributable to a web cache provided by the IPCop system.
Security was increased by replace the NAT router with NAT and Packet filtering.

XYZ's have an EftPOS facility which shares the same line as the ADSL line. It was noted that there were problems with both the EftPOS and the ADSL, and it was discovered that the ADSL filter had not been installed in the correct place, so that they were interfering with each other. This may have been the cause of the instability in both services.

Swiftel static IP
XYZ Australia wanted to obtain a static IP address so that their email could be directed to their SME server for deliver, andalso allow the possibility of remote access. Having a static IP address would also make it easier to establish the VPN network. They also wanted to reduce their ADSL costs, and increase their capacity. Crosscape Technology have identified ADSL packages which are significantly cheaper than the Telstra offerings, and provide relaible service. After consultation, XYZ transferred to a Swiftel ADSL produuct.

The move to Swiftel has provided approximately a 10% improvement in ADSL access speed.

Reliability has increased, with outages normally only occurring once a week.

After changing ADSL suppliers and receiving a static IP address which could be published as the place to deliver email, the SME Server and relevant DNS services where configured so that email for the domain was delivered to the SME Server. This required a small change to each PC in the office to collect email from the server. One hitch in the process was due to the ISP which was hosting the domain, web pages and email. They did not smoothly change the DNS, so the records were invalid for a period of time. This was unfortunate and a product of their documentation.

XYZ was able to reduce it's reliance on Microsoft Products and reduce license fees, while improving performance and functionality using the same hardware. By changing ISPs they reduced costs and increased performance and functionality of their broadband solution.