Dedicated OpenStack Swift Windows Drive now available

Post Updated October 6th 2016

We now have plenty of companies and ISP’s who are using our full Enterprise File Share and Sync solution for OpenStack but we have long been approached by companies asking if they could have just the drive piece of our functionality available that works in a dedicated fashion outside of our full EFSS solution.

To that end we are pleased to announce the release of a dedicated OpenStack Windows CIFS Drive that is a standalone installer that works directly with OpenStack Swift instances.

Install is simple:

OpenStack Drive InstallerOpenStack Cloud Drive

Continue reading “Dedicated OpenStack Swift Windows Drive now available”

Facebooktwitterredditpinterestlinkedinmailby feather

WebDav the interoperable protocol for file and document access

WebDav is an acronym for Web Distributed Authoring and Versioning and can also be referred to as just plain old DAV.

WebDav is an extension of the HTTP protocol that was originally designed by Jim Whitehead from the University of California at Santa Cruz in 1996 when he was working at the World Wide Web consortium and it later became an Internet Engineering Task Force (IETF) standard.

WebDav was built as an interoperable standard to support remote collaborative authoring of Web sites and individual documents, as well as remote access to document based systems.

Today it It is the most popular network file-system protocol for use across the Internet, and although it has been integrated as a interoperable layer into many existing product implementations it is also notably missing as an interoperable API standard from many, such as DropBox, Google Drive, Amazon S3 and more.

The Storage Made Easy WebDav Gateway

SME provide a way to access any mapped cloud by secure WebDav irrespective of whether the underlying Cloud Supports the WebDav protocol natively. As WebDav is so well supported in many desktop and mobile Apps this means that Cloud Data can easily be integrated and accessible without having to move it to access the features of a particular Application that is WebDav enabled.

Connecting to WebDav Servers and Windows Shares

SME can also be configured to connect to servers that support the WebDav protocol. This use of WebDav from a SME perspective is using WebDav as a back end cloud to store data rather than exposing existing clouds to be accessible using the WebDav protocol.

Many existing NAS or SAN devices such as those as the NetGear ReadyNAS and the Synology devices range already provide WebDav as an access protocol to access data. Also existing web servers such as Apache can also be configured to use WebDav using the Mod Dav extension.

Many users of SME want to expose windows file shares and make them directly available through the SME service to all devices. The most appropriate and secure way to do this is not to expose such shares directly but to configure Microsoft Internet Information Server to expose these shares over WebDav.

Advantages of WebDav for Windows File Sharing

This has the following advantages:

Seamless integration with the IIS Manager

A secondary protocol provides a security DMZ with regards to direct access to windows shares

IIS WebDAV can be enabled at the site level, allowing IT administrators to restrict WebDAV access to specific sites on a server.

IIS WebDAV supports per-URL authoring rules, allowing administrators to specify custom WebDAV security settings on a per-URL basis. This fine-grained control gives administrators the ability to maintain one set of security settings for normal HTTP requests and a separate set of security settings for WebDAV.

IIS WebDAV supports both shared and exclusive locks to prevent lost updates due to overwrites

WebDAV supports secure connection as well. By enabling HTTPS over all WebDAV connections, security is fortified. SSL certificates can also be installed to increases security measures

Why WebDav as a Cloud Connector ?

WebDAV is an optimized protocol for document access over http. It is proven as being latency independent and is efficient over wide area networks especially in contrast to file protocols such as NFS and CIFS.

Using secure WebDAV ensures the data is encrypted during transmission and due to the optimizations that data is stored efficiently and quickly .

Why Not The Common Internet File System (CIFS)

CIFS is the standard way that windows users share files across corporate intranets and the Internet with a secure VPN connection.

To expose such shares directly to the internet or to other none windows PC’s it is needed to use a bridging technology. Samba is often used as such as technology. With Samba, the ports 139/tcp and 445/tcp are exposed over a public IP Address. Once this is done such shares are accessible.

The drawbacks of this are:

– The CIFS protocol used by Windows file sharing does not provide data encryption

The protocol itself is quite chatty.

No level of security indirection

CIFS is is an optimized protocol for access to data over a network that has been extended by VPN and has been used in this context by many companies for a long time. The disadvantage of this is that all devices have to support , be setup, and work with the VPN. preventing access by some devices and Apps and making Adhoc ‘on the fly’ access difficult.

Securing WebDav Servers

It is beyond the scope of this blog post to go into great detail on the steps required to secure WebDav servers but Microsoft has a very good guide on how to secure the IIS WebDav Service. This can be accessed at:

http://technet.microsoft.com/en-us/library/cc778809%28v=ws.10%29.aspx

In addition to this you should note the following best practices:

Folder Permissions: Use non-anonymous authentication. Modify the NTFS permissions on the folder to only allow the access necessary to the users who require such access

Prevent File Execution: If you are only using WebDAV as a file store and not using it to display web pages, then execute permissions should be removed from that site or folder.

Apache WebDav servers can be configured to use LDAP authentication and also two factor authentication and any deployments should consider implementing these.

Facebooktwitterredditpinterestlinkedinmailby feather

Linux Cloud Drive Update

Beta 4 of the Linux Cloud Drive will be released soon. This will add the ability to share the Linux Cloud Drive as an SMB/CIFS resource via Samba to networks that can mounts SMB/CIFS shares such as windows.

This provides a very easy mechanism to share clouds mounted via the SMEStorage Cloud Gateway to multiple network resources. Many public storage clouds can be shared this way, such as Amazon S3, Google Docs, RackSpace CloudFiles, MobileMe, Mezeo and many more. Importantly, SMEStorage also supports WebDav Resource endpoints which give companies an easy way to share legacy resources within a cloud files system environment directly from the desktop or command line.

The Linux Cloud Drive beta 4 will be released before the end of May.

Facebooktwitterredditpinterestlinkedinmailby feather

How to build your own Private Cloud / Sharepoint replacement using Openfiler and SME

There are many ways to design and build an internal Private storage cloud. The components that you need are:

1. Some form of  Network Attached Storage
2. Some form of File Server to enable access to the files
3. Other Data Access or entry points dependent on the access type required

SME provides a data access gateway with rich data access points to files that are stored on the cloud. Our SaaS offering is multi-tenant and can be used with many clouds, such as Google Docs, Amazon S3, Microsoft SkyDrive, RackSpace Cloud Files etc. It can also be used with Private Cloud Storage through the use of FTP, WebDav, or any REST based Cloud API which can be added into our multi-cloud API in under a week.

SME acts as an enabler for richer features and functions of other storage clouds or storage file systems, providing rich tooling, clients and solutions such as our Cloud File Server.

We think of ourselves as  a data access solutions provider. Storage is getting more commoditised by the day and we believe that it’ what you can do with your files and storage that provides the real value.

Aside from the multi-tenant hosted version of SME we also provide SME as an appliance which can run in-house as an enabler for rich access and solutions for storage platforms.

This blog post will describe how easy it is to be build out your own Private Cloud using OpenFiler, an operating system that provides file-based network-attached storage and block-based storage area network, and SME (and you can use either the SaaS hosted edition or the appliance).

Openfiler supports:

  • CIFS/SMB support for Microsoft Windows-based clients
  • NFSv3 support for all UNIX clients with support for ACL protocol extensions
  • NFSv4 support
  • FTP support
  • WebDAV and HTTP 1.1 support

Combining OpenFiler with SME  enables your internal files to be available on all the SME supported devices (web, windows, Mac, Linux iPhone, Blackberry etc) plus the features of the Organisation Cloud platform which enable a powerful File sharing / File access / Collaboration / Intranet/  Sharepoint type platform.

Below are the step by step instructions  to enable Openfiler NAS storage access via the SME platform.

1. Download Openfiler form http://www.openfiler.com/community/download/ For this exercise we downloaded the open filer  VMware image

2. Add a SCSI drive to the VMware Image instance

3. Start the Openfiler VMware Instance and note the browser url

4. Open your browser and login default username/password is openfiler/password

5. Add a volume group and volume in openfiler

6. Enable HTTP / WebDAV server service

7. Add SME to access the openfiler in Network Access configuration

8. Create a share for the volume you created

9. Allow RW access and Public guest access(though this can be configured with security) on WebDav protocol from SME on the share

10. Make sure you can access the shared folder via http using your public ip address

11. Go to StorageMadeEasy.com and add the shared folder as  a webDav provider

12. If you have existing files in Openfiler then you can sync them now or anyother time.In this case we don’t have any files to sync.

13. Go to the SME File Manager where you can see OpenFiler has been added

14. Now you can use the full functionality of the SME platform and Cloud access tools using OpenFiler as the backend storage provider

In summary we’ve shown how to setup OpenFiler to work with Storage Made Easy. In a future post we’ll show how SME can be used to automatically sync files to Amazon S3 or Google Docs (or other clouds).

As outlined in introduction to this post, Storage Made Easy can be used as an onsite appliance with OpenFiler rather than the hosted model being used. If this is of interest to you then please contact us.

Facebooktwitterredditpinterestlinkedinmailby feather