ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Why you don't need a VPN or not?

    Scheduled Pinned Locked Moved IT Discussion
    109 Posts 12 Posters 10.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • scottalanmillerS
      scottalanmiller @Dashrender
      last edited by

      @Dashrender said in Why you don't need a VPN or not?:

      The speedbump in this whole discussion is the use of shared files. WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

      SMB is a protocol. Samba is a server. WebDAV is a protocol.

      Avoid SMB/Samba like terms, because they are different things. Like HTTP is a protocol, and Apache, IIS, and Nginx are HTTP servers.

      You can compare SMB to WebDAV, but you can't compare Samba to WebDAV.

      1 Reply Last reply Reply Quote 0
      • scottalanmillerS
        scottalanmiller @Dashrender
        last edited by scottalanmiller

        @Dashrender said in Why you don't need a VPN or not?:

        At least with Office and SharePoint, it's integrated and works seemlessly.

        I haven't used NC enough to know - is there an Office add-in that allows this type of integration?

        Same with LibreOffice and NextCloud.

        1 Reply Last reply Reply Quote 0
        • scottalanmillerS
          scottalanmiller @Dashrender
          last edited by

          @Dashrender said in Why you don't need a VPN or not?:

          I see in the OnlyOffice thread that there is now talk of that kind of integration between NC and OnlyOffice local install - this will be a huge boon.

          Been around for a long time, they are just improving it.

          1 Reply Last reply Reply Quote 0
          • scottalanmillerS
            scottalanmiller @Dashrender
            last edited by

            @Dashrender said in Why you don't need a VPN or not?:

            But I don't see that working very well for large files - say AutoCAD or even some graphics files.

            True, but SMB doesn't work great for that, either.

            DashrenderD 1 Reply Last reply Reply Quote 0
            • DashrenderD
              Dashrender @coliver
              last edited by

              @coliver said in Why you don't need a VPN or not?:

              @Dashrender Kind of. SMB is an inherently LAN-Centric protocol that wouldn't work well over the WAN and can be much harder to secure without central authentication/authorization.

              WebDAV is a protocol built on top of HTTP and thus has none of the latency related downfalls of SMB. It also can use dozens of different forms of authentication/authorization which makes it a bit more modular.

              Again - I KNOW. /sigh. The point wasn't the underlying security function - it was the user interaction. Users don't give a shit about security - they only care about function. They HATE the idea of having to download a file, then edit it, then upload it again to a website. Using WebDAV allows their old SMB workflows to function exactly as they did before. This was my one and only point.
              I'm irked I had to go all JB here.

              1 Reply Last reply Reply Quote 0
              • scottalanmillerS
                scottalanmiller @Obsolesce
                last edited by

                @Obsolesce said in Why you don't need a VPN or not?:

                @Dashrender said in Why you don't need a VPN or not?:

                @Obsolesce said in Why you don't need a VPN or not?:

                @Dashrender said in Why you don't need a VPN or not?:

                WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

                WebDav is a protocol that is an extension of http. It itself has nothing to do with SMB.

                I know besides the point, just clarifying.

                LOL - yep I know - my point was only that it allows people to map a drive like we've been doing forever in Windows and browse around, then launch directly from the share. Unlike searching a NC webpage, which would then require downloading the file, then opening it, saving it locally, then copying it back to the NC webpage.

                IMHO, you've paid more in resources putting together hardware, time, energy, maintenance, planning, etc... doing it yourself with NC/OnlyOffice/proxy/backup/etc, for up to 20 users with many limitations... than it would cost for a hand full of O365 licenses and be done with it.

                Yeah it's great for home use or for a PoC before purchasing a non-CE edition, or just for simple basic needs in a small SMB up to 20 users... which I'm sure there are quite a bit of cases that would work great for.

                The resources to build that stuff isn't that much, and saves a ton of money quickly, even with 20 users. O365 requires a lot of management work that people often overlook. Maybe not as much as building your own, but a lot more than people actually consider. Zimbra takes some work to maintain, but saves us more on management time versus O365 Hosted Exchange. So not only do we save the monthly cost and get a better email system (okay, that bit is subjective, but we've found it way better), but you lower the management time on top of that savings!

                DashrenderD ObsolesceO 2 Replies Last reply Reply Quote 0
                • coliverC
                  coliver @Dashrender
                  last edited by

                  @Dashrender said in Why you don't need a VPN or not?:

                  But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                  AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                  scottalanmillerS DashrenderD 2 Replies Last reply Reply Quote 0
                  • scottalanmillerS
                    scottalanmiller @coliver
                    last edited by

                    @coliver said in Why you don't need a VPN or not?:

                    @Dashrender said in Why you don't need a VPN or not?:

                    But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                    AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                    Yes, CAD is something that basically always does LANless on its own. It has special needs and normally handles them. You don't use NextCloud or anything like it, nor do you use SMB or anything like that.

                    DonahueD 1 Reply Last reply Reply Quote 0
                    • DashrenderD
                      Dashrender @scottalanmiller
                      last edited by

                      @scottalanmiller said in Why you don't need a VPN or not?:

                      @Dashrender said in Why you don't need a VPN or not?:

                      But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                      True, but SMB doesn't work great for that, either.

                      Well, for remote file storage, I haven't seen anything else in use - though I'm guessing you have for these situations.

                      scottalanmillerS 1 Reply Last reply Reply Quote 0
                      • DashrenderD
                        Dashrender @scottalanmiller
                        last edited by

                        @scottalanmiller said in Why you don't need a VPN or not?:

                        @Obsolesce said in Why you don't need a VPN or not?:

                        @Dashrender said in Why you don't need a VPN or not?:

                        @Obsolesce said in Why you don't need a VPN or not?:

                        @Dashrender said in Why you don't need a VPN or not?:

                        WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

                        WebDav is a protocol that is an extension of http. It itself has nothing to do with SMB.

                        I know besides the point, just clarifying.

                        LOL - yep I know - my point was only that it allows people to map a drive like we've been doing forever in Windows and browse around, then launch directly from the share. Unlike searching a NC webpage, which would then require downloading the file, then opening it, saving it locally, then copying it back to the NC webpage.

                        IMHO, you've paid more in resources putting together hardware, time, energy, maintenance, planning, etc... doing it yourself with NC/OnlyOffice/proxy/backup/etc, for up to 20 users with many limitations... than it would cost for a hand full of O365 licenses and be done with it.

                        Yeah it's great for home use or for a PoC before purchasing a non-CE edition, or just for simple basic needs in a small SMB up to 20 users... which I'm sure there are quite a bit of cases that would work great for.

                        The resources to build that stuff isn't that much, and saves a ton of money quickly, even with 20 users. O365 requires a lot of management work that people often overlook. Maybe not as much as building your own, but a lot more than people actually consider. Zimbra takes some work to maintain, but saves us more on management time versus O365 Hosted Exchange. So not only do we save the monthly cost and get a better email system (okay, that bit is subjective, but we've found it way better), but you lower the management time on top of that savings!

                        What management do you find yourself doing for hosted Exchange? I have a customer on it - and other than making new users/groups/alias, there isn't much to it.

                        scottalanmillerS 1 Reply Last reply Reply Quote 0
                        • scottalanmillerS
                          scottalanmiller @Dashrender
                          last edited by

                          @Dashrender said in Why you don't need a VPN or not?:

                          @scottalanmiller said in Why you don't need a VPN or not?:

                          @Dashrender said in Why you don't need a VPN or not?:

                          But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                          True, but SMB doesn't work great for that, either.

                          Well, for remote file storage, I haven't seen anything else in use - though I'm guessing you have for these situations.

                          We see other things when the shops are beyond a handful of users.

                          1 Reply Last reply Reply Quote 0
                          • DashrenderD
                            Dashrender @coliver
                            last edited by

                            @coliver said in Why you don't need a VPN or not?:

                            @Dashrender said in Why you don't need a VPN or not?:

                            But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                            AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                            Not that I've dealt with this in a long time - please share what you know - I'm interested.

                            scottalanmillerS coliverC 2 Replies Last reply Reply Quote 0
                            • scottalanmillerS
                              scottalanmiller @Dashrender
                              last edited by

                              @Dashrender said in Why you don't need a VPN or not?:

                              @scottalanmiller said in Why you don't need a VPN or not?:

                              @Obsolesce said in Why you don't need a VPN or not?:

                              @Dashrender said in Why you don't need a VPN or not?:

                              @Obsolesce said in Why you don't need a VPN or not?:

                              @Dashrender said in Why you don't need a VPN or not?:

                              WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

                              WebDav is a protocol that is an extension of http. It itself has nothing to do with SMB.

                              I know besides the point, just clarifying.

                              LOL - yep I know - my point was only that it allows people to map a drive like we've been doing forever in Windows and browse around, then launch directly from the share. Unlike searching a NC webpage, which would then require downloading the file, then opening it, saving it locally, then copying it back to the NC webpage.

                              IMHO, you've paid more in resources putting together hardware, time, energy, maintenance, planning, etc... doing it yourself with NC/OnlyOffice/proxy/backup/etc, for up to 20 users with many limitations... than it would cost for a hand full of O365 licenses and be done with it.

                              Yeah it's great for home use or for a PoC before purchasing a non-CE edition, or just for simple basic needs in a small SMB up to 20 users... which I'm sure there are quite a bit of cases that would work great for.

                              The resources to build that stuff isn't that much, and saves a ton of money quickly, even with 20 users. O365 requires a lot of management work that people often overlook. Maybe not as much as building your own, but a lot more than people actually consider. Zimbra takes some work to maintain, but saves us more on management time versus O365 Hosted Exchange. So not only do we save the monthly cost and get a better email system (okay, that bit is subjective, but we've found it way better), but you lower the management time on top of that savings!

                              What management do you find yourself doing for hosted Exchange? I have a customer on it - and other than making new users/groups/alias, there isn't much to it.

                              New users, groups, folders... it's so slow and convoluted with Exchange. Dead simple with Zimbra.

                              Go look into making an alias or a DL on Exchange. I'll have five made and done on Zimbra before you've found the right page on O365.

                              We manage customers and often have to spend 30+ minutes trying to find the group, user, folder, etc. that they are wanting modified because Exchange has no central or deterministic way to locate all resources. You can't even manage it all in the same place. Users and groups in one tool, folders and flows in a completely different one!

                              black3dynamiteB 1 Reply Last reply Reply Quote 1
                              • scottalanmillerS
                                scottalanmiller @Dashrender
                                last edited by

                                @Dashrender said in Why you don't need a VPN or not?:

                                @coliver said in Why you don't need a VPN or not?:

                                @Dashrender said in Why you don't need a VPN or not?:

                                But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                                AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                                Not that I've dealt with this in a long time - please share what you know - I'm interested.

                                It's nothing special, each of the big vendors makes their own "cloud tool" to bypass SMB and other LAN-based storage, but with CAD awareness so that it can work with these kinds of files effectively.

                                coliverC 1 Reply Last reply Reply Quote 0
                                • coliverC
                                  coliver @Dashrender
                                  last edited by

                                  @Dashrender said in Why you don't need a VPN or not?:

                                  @coliver said in Why you don't need a VPN or not?:

                                  @Dashrender said in Why you don't need a VPN or not?:

                                  But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                                  AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                                  Not that I've dealt with this in a long time - please share what you know - I'm interested.

                                  Dessault has Solidworks PDM (https://www.solidworks.com/category/product-data-management) which is a massive piece of software that uses a database and IIRC web protocol to transfer data. It solves the latency and file locking issues that plagues SMB when doing large files that change very frequently.... on top of dozens of other enhancements.

                                  AutoDesk does the same thing with Vault (I think, it has changed names and feature sets a few times).

                                  DashrenderD 1 Reply Last reply Reply Quote 1
                                  • coliverC
                                    coliver @scottalanmiller
                                    last edited by

                                    @scottalanmiller said in Why you don't need a VPN or not?:

                                    @Dashrender said in Why you don't need a VPN or not?:

                                    @coliver said in Why you don't need a VPN or not?:

                                    @Dashrender said in Why you don't need a VPN or not?:

                                    But I don't see that working very well for large files - say AutoCAD or even some graphics files.

                                    AutoDesk and Dessault both have toolkits to get around SMB limitations. I think most CAD vendors do actually.

                                    Not that I've dealt with this in a long time - please share what you know - I'm interested.

                                    It's nothing special, each of the big vendors makes their own "cloud tool" to bypass SMB and other LAN-based storage, but with CAD awareness so that it can work with these kinds of files effectively.

                                    This is a good way to describe it. These softwares do make a "cloud-like" environment for users. Still a pain in the butt over the WAN.

                                    1 Reply Last reply Reply Quote 1
                                    • ObsolesceO
                                      Obsolesce @scottalanmiller
                                      last edited by

                                      @scottalanmiller said in Why you don't need a VPN or not?:

                                      @Obsolesce said in Why you don't need a VPN or not?:

                                      @Dashrender said in Why you don't need a VPN or not?:

                                      @Obsolesce said in Why you don't need a VPN or not?:

                                      @Dashrender said in Why you don't need a VPN or not?:

                                      WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

                                      WebDav is a protocol that is an extension of http. It itself has nothing to do with SMB.

                                      I know besides the point, just clarifying.

                                      LOL - yep I know - my point was only that it allows people to map a drive like we've been doing forever in Windows and browse around, then launch directly from the share. Unlike searching a NC webpage, which would then require downloading the file, then opening it, saving it locally, then copying it back to the NC webpage.

                                      IMHO, you've paid more in resources putting together hardware, time, energy, maintenance, planning, etc... doing it yourself with NC/OnlyOffice/proxy/backup/etc, for up to 20 users with many limitations... than it would cost for a hand full of O365 licenses and be done with it.

                                      Yeah it's great for home use or for a PoC before purchasing a non-CE edition, or just for simple basic needs in a small SMB up to 20 users... which I'm sure there are quite a bit of cases that would work great for.

                                      The resources to build that stuff isn't that much, and saves a ton of money quickly, even with 20 users. O365 requires a lot of management work that people often overlook. Maybe not as much as building your own, but a lot more than people actually consider. Zimbra takes some work to maintain, but saves us more on management time versus O365 Hosted Exchange. So not only do we save the monthly cost and get a better email system (okay, that bit is subjective, but we've found it way better), but you lower the management time on top of that savings!

                                      In my personal experience for a multi-domain world-wide SMB of managing roughly 400 O365 licenses, It's honestly not been much overhead. That's the whole O365 suite (azure ad, office suite, sharepoint, email, etc), not just the Office suite. Any maintenance I do now would be done regardless of the solution... helping a user with the Office suite, contacting support to find a checkbox, etc... like creating users and things associated with that. So I don't see it as extra.

                                      What I was referring to was backup maintenance, updating things, etc... it's not just one server, it's multiple as I described in another post, like reverse proxies, backup servers/storage, storage, email servers, I mean the list goes on. And each server requires maintenance, backup, etc... It adds up to way more than hosted O365.

                                      I can't imagine doing that with a few handfuls of different adhoc software and servers by myself... that would be insane.

                                      But I suppose we're talking about up to a 20-user shop, because that's all you can do with CE.

                                      coliverC scottalanmillerS 4 Replies Last reply Reply Quote 0
                                      • coliverC
                                        coliver @Obsolesce
                                        last edited by

                                        @Obsolesce said in Why you don't need a VPN or not?:

                                        @scottalanmiller said in Why you don't need a VPN or not?:

                                        @Obsolesce said in Why you don't need a VPN or not?:

                                        @Dashrender said in Why you don't need a VPN or not?:

                                        @Obsolesce said in Why you don't need a VPN or not?:

                                        @Dashrender said in Why you don't need a VPN or not?:

                                        WebDav can create a SMB like connection (but is SMB/Samba really that much less secure than WebDav?)

                                        WebDav is a protocol that is an extension of http. It itself has nothing to do with SMB.

                                        I know besides the point, just clarifying.

                                        LOL - yep I know - my point was only that it allows people to map a drive like we've been doing forever in Windows and browse around, then launch directly from the share. Unlike searching a NC webpage, which would then require downloading the file, then opening it, saving it locally, then copying it back to the NC webpage.

                                        IMHO, you've paid more in resources putting together hardware, time, energy, maintenance, planning, etc... doing it yourself with NC/OnlyOffice/proxy/backup/etc, for up to 20 users with many limitations... than it would cost for a hand full of O365 licenses and be done with it.

                                        Yeah it's great for home use or for a PoC before purchasing a non-CE edition, or just for simple basic needs in a small SMB up to 20 users... which I'm sure there are quite a bit of cases that would work great for.

                                        The resources to build that stuff isn't that much, and saves a ton of money quickly, even with 20 users. O365 requires a lot of management work that people often overlook. Maybe not as much as building your own, but a lot more than people actually consider. Zimbra takes some work to maintain, but saves us more on management time versus O365 Hosted Exchange. So not only do we save the monthly cost and get a better email system (okay, that bit is subjective, but we've found it way better), but you lower the management time on top of that savings!

                                        In my personal experience for a multi-domain world-wide SMB of managing roughly 400 O365 licenses, It's honestly not been much overhead. That's the whole O365 suite (azure ad, office suite, sharepoint, email, etc), not just the Office suite. Any maintenance I do now would be done regardless of the solution... helping a user with the Office suite, contacting support to find a checkbox, etc... like creating users and things associated with that. So I don't see it as extra.

                                        What I was referring to was backup maintenance, updating things, etc... it's not just one server, it's multiple as I described in another post, like reverse proxies, backup servers/storage, storage, email servers, I mean the list goes on. And each server requires maintenance, backup, etc... It adds up to way more than hosted O365.

                                        I can't imagine doing that with a few handfuls of different adhoc software and servers by myself... that would be insane.

                                        But I suppose we're talking about up to a 20-user shop, because that's all you can do with CE.

                                        I'm in the same boat... plus I've automated like 90% of the administration tasks we had been doing on a daily basis.

                                        1 Reply Last reply Reply Quote 0
                                        • scottalanmillerS
                                          scottalanmiller @Obsolesce
                                          last edited by

                                          @Obsolesce said in Why you don't need a VPN or not?:

                                          In my personal experience for a multi-domain world-wide SMB of managing roughly 400 O365 licenses, It's honestly not been much overhead. That's the whole O365 suite (azure ad, office suite, sharepoint, email, etc), not just the Office suite. Any maintenance I do now would be done regardless of the solution... helping a user with the Office suite, contacting support to find a checkbox, etc... like creating users and things associated with that. So I don't see it as extra.

                                          We have over 350 with a high turnover rate (5-20 per week and small growth). So we have a fair comparison against Zimbra. And while the overhead isn't terrible for Exchange, it's terrible in comparison to their competition. Every task is slow (it can take an hour for O365 to action something that takes a second or two on Zimbra), requires loads of screens, and often requires an IT person to do a task an admin should be able to handle. It is just complicated enough, and inconsistent, that it requires someone trained that really understands the pieces.

                                          Zimbra does the same tasks in a fraction of the steps, in a fraction of the time, and in a much more straightforward manner.

                                          It adds up. It's so bad with Exchange that we spent a lot of resources building automation to get around the worst of it, and even the automation takes longer for MS to respond to the requests, that Zimbra takes to do manually!

                                          ObsolesceO 1 Reply Last reply Reply Quote 1
                                          • scottalanmillerS
                                            scottalanmiller @Obsolesce
                                            last edited by

                                            @Obsolesce said in Why you don't need a VPN or not?:

                                            What I was referring to was backup maintenance, updating things, etc... it's not just one server, it's multiple as I described in another post, like reverse proxies, backup servers/storage, storage, email servers, I mean the list goes on. And each server requires maintenance, backup, etc... It adds up to way more than hosted O365.

                                            That's my point exactly .... doing both I can tell you for certain it doesn't. All those patches, backups, etc. get automated and take nearly zero effort. It's much less effort to do those simple, automated tasks, than to put in the effort to manage O365.

                                            It simply doesn't add up to more. Not even close.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 5 / 6
                                            • First post
                                              Last post