A possible client inquired re putting a specific PC into the cloud, as currently accessing this PC via TeamViewer etc is a pain for them. When they were on the same physical LAN, they “have an .exe” to click which allowed them to use the software in question. This PC holds legal data, so security is NB. The idea of this sitting “in the wild” doesn’t sit well with me.
They do not have a firewall in place that I could use as a VPN server & there is no stock of PFS 1100 or 3100’s in my country.
Company who design the software have no cloud solutions & suggested “Just RPD into the PC”… Which will never happen if I have my way, unless over a PFS/OpenVPN server.
Current IT company proposes that the PC in question gets virtualised, connected to a VPN and then accessed this way via staff connecting to the VPN. IF they have a hot VM spare aswell, then I think its a good solution, although it comes with some licensing costs & can take a few days to be up and running.
Q1 - Where to start with finding a secure & fast host to virtualise the system to. Not sure how much space is needed, I assume < 250GB. I’ve never moved a system into the cloud. I’ll virtualize a clone of the system and play with it so long.
Q2 - My thinking (as I can’t install a PFSense box right now) is to use ZeroTier, connect them to it & adjust things as needed be get things working.
We don’t clone into the cloud, we configure a system then load the software on it. Azure is a popular choice for hosting Windows severs, but no matter where you put it, the cost will be much higher than on prem. ZeroTier is a good solution for this.
pfSense computers are cheap and easy to build, no need to go with a netgate device if cost in an issue. You can buy (at least here in the USA) used HP t620+ thin clients with quad port NIC installed for $160usd, mine is working just fine and installing pfSense is simple. Then you can set up a VPN at the office and vpn on each client. Any old PC can be used to start a pfSense system, the HP t610+ is cheaper by half in this country.
I have a more powerful pfSense computer at work, and built site to site openVPN between home and work, so can’t really help on computer to work VPN options, all I know is that openVPN has many connection options, or you could use a different VPN choice because there are many built into pfSense.
Having a good firewall at a legal office seems like a good thing to have anyway.
Thanx @Greg_E I do agree, a decent firewall at a legal prac is a good thing.
I’m a huge fan of PSense & love the fact you can DIY on it on practically anything CPU / RAM wise, with a decent NIC. That said , when it comes to a business I will only install a official PFS box.
That said, the practice is “at day1” when it comes to I.T .; One director is scared of I.T & this is their current backup “system”
HDD - Data X
HDD2 - Data Y
There is NO actual backup. Their primary software suite which is literally the core of the buisiness , has no backup. I told the one director yesterday that I’m prepared to courier them a NAS with 2x 3TB disk in, just so they can do a damn backup that can then be uploaded after being zipped with a secure password.
Part of me wants to just walk away, and part of me wants to put them on a solid grounding (IT wise) as one small business owner, to another.
What I’d like to do is atleast get a proper backup going for them (incl hot redundancy ; offsite backups via backblaze & OneDrive / G-Drive. Once that is done, then we can move forward towards probably having to install a custom PFS box for now.
First off, cloning into a cloud is a not recommended. You don’t want to do that due to the fact that the cloud boot environment is provisioned for you and you also don’t want drivers getting in the way.
Can I ask how many users are in that office and what the office connection speed is?