Month: November 2012

Claranet’s VDC wins Best IaaS Technology of the Year at SVC Awards 2012

Claranet wins a third UK industry award for its Infrastructure-as-a-Service offering, Virtual Data Centre (VDC) at the Achievements in Storage, Virtualisation and Cloud Computing (SVC) Awards 2012.

The SVC Awards honoured the cream of the IT industry – recognising IT projects and channel players, alongside vendors. Claranet VDC was awarded IaaS Technology of the Year following a two-stage judging process, which saw entries assessed by a panel of industry experts before being shortlisted for a public vote.

Michel Robert, managing director, Claranet UK, said: “This is the third major award that we have won in the UK this year for VDC, but the first that is awarded by the public. This is a huge vindication for the service, the hard work that the team put into building it, and also for commitment to listening to the market’s requirements and concerns when we were designing VDC. Before launching the service, we conducted in-depth research into the key concerns of end users, and found that the top three worries were reliability and accountability, data sovereignty and ease of migration.

“We designed Claranet Virtual Data Centre specifically to tackle these legitimate concerns, by building a service that featured integrated networking, a hypervisor-agnostic platform, hosted exclusively in-country data centres. The response from the media, analysts and, above all customers has been terrific, and to win the public’s approval at the SVC Awards is the perfect cap to a fantastic year for the company.”

Claranet’s Virtual Data Centre enables organisations to migrate to the cloud rapidly and with ease, using its self-service portal. The portal enables end-users to manage both dedicated and shared cloud platforms from a ‘single-pane-of-glass’. Users are therefore able to merge existing cloud servers into logical applications and template them for deployment via a simple drag-and-drop interface, all within minutes. In addition, the cloud portal delivers server and resource provisioning ‘on-the-fly’, as well as an ability to migrate from an existing virtual server platform into the Claranet Virtual Data Centre.

Find out more:

  • For more information about Claranet’s award-winning Virtual Data Centre, visit Virtual Data Centre
  • For more information about Claranet’s hosting portfolio, visit hosting services
  • For our blog article Claranet’s Virtual Data Centre picks up another award in time for its first birthday, click here

Claranet acquires Star in a deal valued at £55 million

This acquisition creates Europe’s largest mid-tier provider of integrated hosting and network services

November 23rd, 2012Claranet, one of Europe’s leading managed service providers, has acquired Star, a UK provider of managed technology services. The acquisition creates the largest mid-market provider of integrated hosting and network services in the UK and continental Europe.

Claranet is acquiring STH Limited and its subsidiary, Star Technology Services, in a deal valued at £55 million. The trading entities will be maintained and will become wholly owned by Claranet Limited.

Charles Nasser, CEO and Founder of the Claranet Group, stated:

From a market and customer perspective, this is a great opportunity to bring together the experience and resources of two great companies to deliver a broader service portfolio to benefit our customers. It’s our mission to help our customers make the most of internet-enabled technology, and the acquisition of Star will enable us to continue to deliver on this promise.

“This announcement confirms our ambition to become the clear European leader in the delivery of managed services,” he added. “This is nothing short of a British entrepreneurial success story, as both companies were founded here in the UK.”

Operating under the Claranet brand, the expanded company will have revenues of over £120 million, circa 700 staff, over 4,500 customers, and operations in the UK, France, Germany, the Netherlands, Spain and Portugal. Claranet’s customers will include Airbus, Amnesty International, Care UK, Channel 5, Veolia, Signet, CSH, IRIS, De Vere Hotels and Richmond Events.

The new business will have a service portfolio ranging from the data centre to the desktop. In addition to managed hosting and network services, which both companies provide to many customers, Star customers will be able to take advantage of Claranet’s pan-European, award-winning Infrastructure-as-a-Service (IaaS) offering, Virtual Data Centre, as well as advanced managed application hosting services. Meanwhile, Star’s strength in Unified Communications, remote desktop and advance security services will complement Claranet’s existing portfolio.

In addition, Star’s customers will be able to take advantage of Claranet’s European operations and benefit from the knowledge that the enlarged company is on a strong financial footing, with far greater purchasing power in the market.

Michel Robert, MD of Claranet UK, added:

Star is a leader in providing managed services in the UK and therefore a natural fit for Claranet. Star has developed a strong base of customers, has a well-defined service portfolio as well as a talented and dedicated team,”

“It is this very success that makes Star such a logical fit for Claranet, and as part of our continued investment in evolving our services, is one that will directly benefit our customers,” he added.

Ben White, co-founder of Star and a partner at the cloud-focused venture investor Notion Capital, added:

The cultural and strategic compatibility of the two businesses is second to none and I am confident that the enlarged group will go on to even greater things, creating significant opportunities for customers, partners and staff.”

The Royal Bank of Scotland (RBS), Ares Capital Europe and a minority investment by Abry Partners financed the acquisition.

Advisors on the transaction are Oakley Capital, acting for Claranet, and Ernst & Young, acting for Star.

Find out more:

  • For more information about Claranet visit Claranet limited
  • For more information about Star, visit Star

Configure Load Balancing on your Site using the the pfSense Firewall

Assumptions

This document assumes the following:

  • You have a need for load balancing TCP sessions over multiple servers.
  • You have a configured pfSense firewall up and running.
  • You are comfortable with the pfSense Firewall interface.

This document will configure load balancing for an example web site as shown in the diagram below:

image

Configure pfSense Firewall

First logon to your instance of the pfSense firewall.

clip_image002

 

Next select Services -> Load Balancer

clip_image004

You are then presented with the following page:

clip_image006

Select the “Monitors Tab”

clip_image008

Click on the “+” icon next to the “HTTP” rule, to duplicate the monitor:

clip_image010

Enter a new name and fill in the Host field if your web site utilises virtual hosts and click the “Save” button.

clip_image012

Click on the “Apply changes” button.

clip_image014

Next we need to create a new pool for the load balanced servers.  Click on the “+” icon.

clip_image016

Fill in the Name, Description, Port and Number of Retries.  Change the Monitor to TCP and add  the Server IP Addresses for the web servers, click the “Add to pool” button after you fill in each Server IP Address.  In our example the IP addresses are 192.168.10.2 and 192.168.10.3.

Make sure each IP address is listed as an Enabled Member.  Click on the “Save” button to save the configuration.

Click on the “Apply changes” button.

clip_image017

Next click on the “Virtual Servers” tab.

clip_image019

Click on the “+” icon to add a Virtual Server.

clip_image021

You should fill in the Name, Description, IP address (should be the IP address of the WAN interface), and the port field.  The remaining fields should be left as the defaults (assuming this is the first Load Balancing rule you have added).

clip_image023

Click the “Submit” button.

 

Click on the “Apply changes” button.

clip_image017

Finally we need to add a firewall rule to allow traffic to traverse the firewall.

Click “Firewall” – > “Rules”

clip_image025

Click the “+” icon at the bottom of the existing firewall rules.

clip_image027

Fill in the “Destination port range” as port 80.

clip_image029

Fill in a description, and click the “Save Button”.

clip_image031

 

The site should now be load balanced and traffic should flow through the firewall.

The file will then be downloaded.

By Jay Fearn Google

 

If your interested in using the Claranet VDC product please fill in your contact details below:

[recaptcha_form]

Configuring your First Virtual Appliance in the Claranet Virtual Data Centre

Login to the Virtual Datacentre Portal

 

To access with the Virtual Datacentre (VDC)  portal you must go to the following web page https://portal.claranet.com/cloud.

 

When you go to the cloud portal the following web page is displayed, to enabled you to login to the portal.  All configuration changes need to be made within the portal.

 clip_image002

User Names

The User entry box is where you enter the User Name you have been allocated, this is the email address that you provided.

Password

This is your password that was sent via email when you signed up the Claranet VDC service.

Remember Password

If you select this box then when you next login to the portal, your user name and password will be remembered.  Do not select this on a public/shared computer.

Language

Select your primary language.

Accept

Click here to login to the VDC portal.

 

 

 

VDC Main Screen

After you have logged onto the VDC portal you are presented with the main portal screen.  This screen is your looking glass into the VDC platform.

 

clip_image004

 

The screen is broken down into 5 sections:

 

1.     Menu Bar

2.     Enterprise Resources

3.     Virtual Datacentres

4.     Running Virtual Appliances

5.     Events

Menu Bar

The Menu Bar allows you to switch the display from the main screen to the following screens:

clip_image006

 

·         Virtual Datacenters

·         App library

·         Users

·         Events

·         Documentation

·         Support

·         User Details

 

Enterprise Resources

The Enterprise Resources section of the main screen shows the allocated resources as well as the amount of resources used.

clip_image008

In the above example the Enterprise Resources allocated are as follows:

·         3 – Virtual CPUs

·         40GB – Storage

·         6GB – Memory

·         100GB – External Storage

·         2 – VLANs

·         1 – Public IP Address

 

One of the VLANs is already in use, depicted by the red colour.

Note:  The difference between Storage and External Storage is:

·         Storage is the disk space that is used by the running operating system and is ephemeral in nature, i.e. when the virtual instance is un-deployed the changes made to the operating system is lost.

·         External Storage is storage that is persistent in nature and is mounted on the ephemeral operating system instance.

 

Virtual Datacentres

This section of the main screen shows the Virtual Datacenters that you have allocated resources in.

clip_image010

 

 

Running Virtual Appliances

This section of the main screen shows the amount of running Virtual Appliances.  A Virtual Appliance is a collection of Virtual Machines.

clip_image012

 

Events

This section of the main screen shows the events pertaining to you Virtual Datacenter.

clip_image014

 

Change Your Password

When you first login to the VDC Portal you will need to change the password you have been allocated, this is to ensure that only you know the password and increases security within your environment.

To change your password you need to click on your name in the top right hand corner of the menu bar, as highlighted in the red box on the graphic below:

clip_image016

 

 

 

When you click on your name, you will be presented with the following screen:

clip_image018

Enter your current password into the Current Password field, followed by your new password into the New Password and Repeat Password fields shown in the above screen shot.  Then click the accept button.  There will be no feedback, but rest assured your password will be changed to what you have entered into the New Password field.

Pre-Requisites to Your First Virtual Appliance

We first need to allocate a public IP address to your enterprise so that we can allocate it to the Virtual Firewall later in this guide.

 

clip_image020

·         Click on the Virtual Data Centres icon in the top menu bar

·         Click on the network tab.

·         Select you Virtual Data Centre on the left, in this example it’s STAFF_UK_HIT1.

·         Select Public to list the Public AP addresses allocated.

·         Click on the “+” key to add a public IP address.

You will then be presented with a list of available public IP addresses.  Select one and click accept:

clip_image022

 

 

Your First Virtual Appliance

The best way to learn how to use the Claranet VDC is to jump straight in and create a simple environment. 

We will be creating a single Virtual Appliance (a container) containing a single firewall and a single web server.  We will configure the firewall (basic configuration), allow traffic to the web server and patch the web server.   The end environment will look like the following diagram.

clip_image024


 

Create Virtual Appliance

To create a Virtual Appliance you need to select the “Virtual Datacenters” button on the Menu Bar.  The following screen will appear:

clip_image026

You will need to click on the + button in the bottom left of the right hand pane.  The following window will appear:

clip_image028

Enter the name for the Virtual Appliance and select, from the drop down menu, the Virtual Datacenter you want to deploy this Virtual Appliance into.  Click Accept.

An empty Virtual Appliance will be created for you, and the following screen will be displayed:

clip_image030

Click and drag the pfSense Firewall image from the left hand side to the right hand pane, labeled Virtual Machines.

Next click and drag the Ubuntu image from the left hand side to the right hand pane, labeled Virtual Machines.

Finally click the icon that looks like a floppy disk at the top left of the right hand pane to save the Virtual Appliance.

Configuring the Virtual Appliance

After saving the Virtual Appliance we need to configure the interfaces on the firewall at the Virtual Appliance level.  Move your mouse over the pfSense Virtual Machine, two icons will appear, a wheel and a X.  Click on the wheel, which configures the virtual machine.  The following screen will appear:

clip_image032

You will now want to add a public IP address to the firewall, so go ahead and select the Network tab and then click on the + button near the bottom of the pane.  The following window will appear:

clip_image034

 

 

Click on the Public Tab.

clip_image036

Select one of the available public IP addresses, and click accept:

clip_image038

The default gateway is now set to a public IP address.  This is the firewalls default gateway.

We need to now move the public IP address from NIC1 to NIC0 as NIC0 is to be used as the outside interface of the firewall.  So we first need to delete the existing NIC 0.

Select the line for NIC 0 and clicking the – button.

 

As you can see the public IP address is now on NIC0.

clip_image040

Now we need to re-add the internal network back on NIC 1 so click the + button and click default network.

clip_image042

Select the 192.168.0.1 .  This will be the default gateway for your virtual servers on the LAN.

 

Click Accept.

clip_image044

Make sure the Default Gateway is in the same range as the Public IP Address, if it is not select the right gateway address from the dropdown box.  If the right gateway is not listed in the dropdown, click save and try again.

Finally we need to secure the VNC access password, select the “General Information” tab, type a password into the Password field.

clip_image046

Click save then close.

Finally click on the deploy Virtual Appliance button on the top right hand side of the Virtual Machines pane.

clip_image048

The following windows will appear:

clip_image050


 

Updating the diagram with IP Addresses

We now need to update the diagram of the environment showing the IP addresses we have allocated.

clip_image052

Firewalling

This chapter outlines the basics around firewalling and how you configure your firewall within the VDC platform.

Configure the Firewall

You now need to configure the firewall to allow traffic to and from the firewall, as well as allowing traffic from inside to outside and finally allowing port 80 (HTTP to the web server).

Firstly open up a web browser enter the IP address of the public interface of the firewall that we allocated earlier in this procedure, in this case https://195.157.13.168.

Ignore the certificate error by clicking on “Continue to web site”.  The following screen will appear:

clip_image062

The default user id and password is located on the ‘cloudhelp’ site.  .  For the pfSense firewall it is “admin” and “v1rtu4LDC”.

You will not be presented with the main web page of the firewall.

The first step we need to complete is changing the default password for the admin user.  Move your mouse over the System menu item at the top left hand side of the page until a drop down box appears and select “User Manager”.

 

clip_image064

The following screen will appear:

clip_image066

clip_image068 Move the mouse over the edit icon to the right of the admin user’s line to edit the user.

The following screen will appear:

clip_image070

Type a new password where indicated (Twice).  Scroll down and click save.

 

 

Next we need to move the SSH port, this will allow you to access the Web Server via SSH.

Select “System” – “Advanced” and the following screen will appear:

clip_image072

Scroll down to the SSH section:

clip_image074

Click to “Enable Secure Shell” and set the SSH port to “8022”.

Scroll down and click “Save”.

Next we need to configure the firewall with the following rules:

·         Allow SSH on port 8022 to Firewall

            Select “Firewall” – “Rules”

clip_image076

            Select “WAN” and then click clip_image078 to add a new rule:

clip_image080

Enter the following:

Action: Pass

Disabled: not selected

Interface: WAN

Protocol: TCP

Source: any

Destination: Wan Address

Destination Port Range – From: 8022

Description: SSH to Firewall on Port 8022

Click Save

Click Apply Changes

You are now able to ssh using your preferred tool on port 8022.

 

·         Allow SSH on port 22 to Web Server

Select “Firewall” – “Nat” and the select “Port Forward”

clip_image082

Click on the Add NAT Rule button clip_image084

clip_image086

Disabled: Not selected

No RDR (NOT): Not selected

Interface: WAN

Protocol: TCP

Source: Ignore

Destination: Wan Address

Destination Port Range – SSH

Redirect Target IP Address: 192.168.2.2

Redirect Target Port: SSH

Description: SSH to Web Server

NAT Reflection: leave as default

Filter Rule Association: Pass

 

Click on Save and then apply rule.

You can now SSH into the web server (IP address as firewall with port 22), with user sysadmin and password “v1rtu4LDC”.

 

·         Allow HTTP on port 80 to Web Server

·         Select “Firewall” – “Nat” and the select “Port Forward”

clip_image087

Click on the Add NAT Rule button clip_image084

clip_image088

Disabled: Not selected

No RDR (NOT): Not selected

Interface: WAN

Protocol: TCP

Source: Ignore

Destination: Wan Address

Destination Port Range – HTTP

Redirect Target IP Address: 192.168.2.2

Redirect Target Port: HTTP

Description: HTTP to Web Server

NAT Reflection: leave as default

Filter Rule Association: Pass

 

Click on Save and then apply rule.

 

·         Allow all from inside out (NAT rule).

Select “Firewall” – “NAT”

clip_image090

Select Outbound:

A default rule has been applied, so no rule change is required:

clip_image092

 


Patching the Web Server

Now SSH to the public IP address of the firewall on port 22, you will get a security alert that states the public key is different from what is stored in the SSH client.  You can safely connect, because we have moved the destination for the IP address and port to a different end point.

Logon to the Web Server using the default userid and password.

The default user id and password is located on the ‘cloudhelp’ site.  For server image information follow this url: https://portal.claranet.com/cloudhelp/templates/logindetails.html.

When you are logged in change the default password by typing the following into the terminal window:

passwd

You will be prompted for the existing default password and prompted twice for the new password.  Remember this password, because Claranet cannot obtain the password for you.

Next we will patch the operating system.  Type the following into the terminal window:

clip_image054

And type the password you have just changed.

This will update the local repository for patches.

Next type the following into the terminal window:

clip_image056

After a few seconds you will be prompted to continue, type Y and press the Enter key.

After a few minutes the web server will be patched.

We now need to install the apache package to enable the server to be a web server.  Type the following into the terminal window:

clip_image058

Again you will be prompted to continue, Select Y and press Enter.

The web server will start automatically.  You can test this by starting your favorite web browser and entering the address for the public IP address of the firewall into the address box, and pressing Enter.

The following screen should be displayed.

clip_image060

This is the end of the example “Your First Virtual Appliance”, it provides a foundation for building on and can be extended to enhance your cloud infrastructure into whatever you want it to do. 

 

 By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Using a SSL VPN to secure administrative access to your Enterprise in the Claranet VDC

Introduction

This post assumes the following:

  • You are using the pfSense firewall.
  • You are familiar with the Claranet VDC Platform.

Let’s imagine that you have been using the VDC platform for a while and have multiple virtual machines running in your account.

To gain access to your virtual machine you will either have:

  • Setup a jump box to proxy access

To access the virtual machines, you will first need to logon to the jump virtual machine (AKA a bastion host), and then logon to the destination virtual machine, this can be achieved for Windows by a terminal server session or for Linux using SSH. Configuration for this on the firewall is a single firewall rule for either SSH (Port 22) or MS RDP (port 3389) from outside to the jump virtual machine.

  • Setup multiple port forwarding rules on the firewall

To access virtual machines you will need to setup specific rules for each server to forward ports to backend servers. For example if we had 5 Linux machines that needed SSH access from the public internet and you only had 1 public IP address, you could setup port forwarding rules as follows to allow this:

  • WAN Address Port 8022 forwards to port 22 on virtual machine 1
  • WAN Address Port 8023 forwards to port 22 on virtual machine 2
  • WAN Address Port 8024 forwards to port 22 on virtual machine 3
  • WAN Address Port 8025 forwards to port 22 on virtual machine 4
  • WAN Address Port 8026 forwards to port 22 on virtual machine 5

The disadvantages of this, is that you will need to remember which port maps to which server.

  • Utilize multiple public IP addresses from the Shared Internet Access (SIA) range, and implement 1:1 NAT on each interface.

To access the virtual machines, you can configure multiple public SIA addresses on the pfSense firewall (instructions can be found at http://cloudhelp.claranet.com/content/getting-started-pfsense-firewall-image).

Each pfSense firewall can only have 8 interfaces, so if you have two VLANs in the private range where you deploy your virtual machines, then you are limited to 6 public IP addresses, 6 1:1 NAT rules, and 6 virtual machines that are directly accessible.

  • Use a routed DIA range

Using this method you can have a range of IP addresses allocated to you that can be mapped as a Virtual IP (VIP) address on your firewall and then 1:1 NAT can be achieved for as many public IP addresses you have purchased.

Unless there is no other way of achieving your business goal, this should not be used, this is due to the exhaustion of the IPV4 network range, see http://www.ripe.net/internet-coordination/ipv4-exhaustion/business-and-enterprise for information.

  • Use a MPLS connection with Claranet’s industry leading 3G network

Claranet have an industry leading wireless service that connects a 3G Dongle or 3G Router device directly into a secure private MPLS network (no traffic traverses the internet), see http://www.claranet.co.uk/networks/wireless-services.html for details.

This means that you can access virtual machines directly and securely from your PC or laptop.

  • Use an SSL VPN.

It’s a simple process to configure the pfSense firewall image to create a secure private tunnel directly into your VDC infrastructure. This can scale to many users and the users can directly access the virtual machines in your VDC account. This can be used in conjunction with many of the above methods to add flexibility, for example you could use a MPLS connection for users in static locations and use a SSL VPN connection for roaming users.

By far the easiest and most cost effective solution for a low number of users is to use an SSL VPN. This document describes the process of setting up a simple low cost SSL VPN (costs apply for resources used on the VDC platform for the pfSense firewall, which it is assumed you are already running to provide security for your cloud application).

Installing the pfSense Firewall VPN Edition

There is a special edition that includes the SSL VPN Client Export functionality that needs to be installed. This can be obtained from the following location http://www.sittingonthe.net/vdc/pfsense-vpn.vmdk , this will need to be imported into your VDC account.

Obtain the image at the above location, and using an FTP client upload to importer-uk-gsl2.cloud.claranet.com using your VDC account details as logon credentials.

After a few seconds the import process will complete and the image will appear in your application library, you may need to click on the refresh button highlighted in red below:

clip_image002

You will need to deploy the pfSense SSL VPN edition using the standard methods, making sure that the WAN interface is the first interface configured in the network section of the configuration.

The image has the following defaults:

  • 1 vCPU, 1024MB Memory, 8GB Disk Space.
  • Administrator Accounts:
    • Admin username – admin
    • Admin password – v1rtu4LDC
    • Superuser user name – superuser
    • Superuser password – v1rtu4LDC
    • Management interface accessible on WAN interface via HTTPS on port 9443
    • https://<WAN IP>:9443
    • Replace <WAN IP> with your WAN IP Address.

 

Configuring the pfSense Firewall

Logon to the firewall on the management interface (listed above) using an administrator’s account.

clip_image004

Select OpenVPN from the VPN dropdown menu.

clip_image006

The following web page will appear:

clip_image008

Click on the + icon on the right to add an OpenVPN Server.

Select the “Wizards” tab, and the following page will appear.

clip_image010

Keep the Type of Server set at Local User Access, and select the “next” button.

The following web page will be displayed:

clip_image012

As in the example above, enter details for the following:

  • Descriptive Name: This is to identify the CA Cert
  • Keep the Key Length at 2048 bits
  • Leave the Life Time at approximately 10 Years
  • Insert your country code, state or province, city, organization and e-mail address.

Click the “Add new CA” button.

The following page will appear:

clip_image014

On this page you set up the server’s certificate, so you need to enter the fully qualified domain name, for this test I am using www2.sittingonthe.net, and as per the previous screen enter the remaining details.

Click the “Create new Certificate” button to create a self signed certificate.

On the next page we will configure the OpenVPN Server service:

clip_image016

In the top section of the page “General OpenVPN Server Information” make sure you select TCP as this is more reliable and doesn’t get screen by ISPs, and give the Service a name, in this case I chose “SSL VPN”.

In the next section “Cryptographic Settings” leave at the default settings:

clip_image018

In the next section you can configure “Tunnel Settings”.

clip_image020

In this section, the tunnel network is a spare network range that isn’t been used anywhere else in either your VDC or in any of the networks used to connect into the VDC. In this case I have chosen 10.0.10.0/24.

The local network is a route you can push to the OpenVPN client so that traffic for it is routed down the VPN Tunnel we are creating. If you have more than one range you want to route to, you will need to check the “Redirect Gateway” check box, if this is selected all traffic will be sent down the VPN tunnel and you will lose access to resources on the local network.

If you want to use compression check the “Compression” check box.

The remaining item in the “Client Settings” can be left blank or filled in as appropriate.

clip_image022

Click “Next”

On the next screen:

clip_image024

Make sure that the “Firewall Rule” and “OpenVPN Rule” check boxes are selected and then click the “Next” button

On the next screen:

clip_image026

Click the “Finish” button.

Configure Client Certificates

When you get back to the main screen:

clip_image028

Select System-> User Manager.

The following screen will appear:

clip_image030

Click the + icon as shown at the bottom right of the graphic above.

The following screen will appear:

clip_image032

Fill in relevant details, as shown below:

Make sure you select the “Certificate” check box and another section will appear on the screen:

clip_image034

A filled in screen will look like the following:

clip_image036

Click “Save”

Downloading the client software.

Click on the VPN->OpenVPN

clip_image038

Select the Client Export Tab

clip_image040

Make sure the “Quote Server CN” checkbox is selected.

At the bottom of the screen is a list of users with SSL Keys. Next to the user you want to export click on the 2.2 under the “Windows Installers:” section and save the file.

This file needs to be distributed to the end user.

Installing the client and connecting

When the end user has received the installation bundle, they will need to install it, this needs administration privileges.

clip_image042

Click “Next”

clip_image044

Click “I Agree” if you agree to the terms and conditions.

clip_image046

Click “Next”

clip_image048

Click “Install”

clip_image050

When the first part of the installation is complete click “Next”

clip_image052

Click “Finish”

Next the Clients configuration and keys are installed.

clip_image054

Click “Close”

In the Readme File that was opened during the install, it states that Windows 7 and Windows Vista users, and it is assumed that Windows 8 also needs this setting, needs to be run with administrative privileges.

To achieve this, right click on the “OpenVPN GUI” icon on your desktop:

clip_image056

And select “Properties” and select the “Compatibility” Tab.

clip_image058

Make sure that the “Run this program as an administrator” check box is selected, and then click the “Change Settings for all users”

clip_image060

Make sure the “Run this program as an administrator” is also selected on this window.

Click “Apply” and then “OK”.

Select the “Shortcut” Tab and then the “Advanced” button.

clip_image062

Make sure the “Run this program as an administrator” is also selected on this window.

Click on “OK” then click “Apply” and then “OK” again.

Now double click the “OpenVPN GUI” icon and select yes for the warning.

An icon will appear in the bottom right of your screen (Windows 7) clip_image064Right click it and select “Connect”

The following window will appear:

clip_image066

Enter your VPN username and password.

You should now be connected.

To confirm this, if you open a “Command Prompt” and type “netstat –nr”, it should show a route for the LAN range via the VPN network (10.0.10.5 in my case).

clip_image068

By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Exporting VDC Images from the Claranet Virtual Data Center

When you want to export a virtual machine from the VDC platform, you will first need to take a copy of your running image. A video of “Managing Instances” process is located at the following location http://cloudhelp.claranet.com/content/managing-instances-snapshots.

The file is exported as a thin provisioned vmdk sparse file. This will run in any recent copy of VMware Workstation, Server, Player, and ESXi (vSphere). It can however be converted using conversion tools to a format that is able to run on Microsoft Hyper-V, Xen, and other leading hypervisor products.

The export process below will only export the Operating System volume in a single vmdk file. External Volumes cannot be exported using this method. Standard copy/replication methods can be used to copy external volumes.

After logging in to the VDC, select the Virtual Data Centres tab.

clip_image002

clip_image004

Next select the running Virtual Appliance that the virtual machine in running in, by clicking on the right arrow next to the virtual appliance, circled in red.

This will open the Virtual Appliance and show the running Virtual Machines.

clip_image006Left click on the Virtual Machine you want to take a export and then left click the Create Instance button.

clip_image008

A window will appear that shows all the running virtual machines, as shown above.

Select the check boxes of the virtual machines you want to export and click the Create Instance button at the bottom.

The following windows will appear to confirm your choice.

clip_image010

Notes:

· The running virtual machine will be frozen whilst the virtual machine is cloned.

· The operating system image will be cloned and not the external volumes.

clip_image012

Whilst the virtual machine is being cloned a window similar to the graphic on the left will be shown.

As stated previously whilst this window is shown the virtual machine will be frozen. It is suggested that copies are taken during quiet times for your application, where the impact of the cloning will have less of an effect on your application (note Claranet do not limit this by time and it is dependent upon your individual application needs).

When complete we now need to select the Apps Library tab.

clip_image014

clip_image016

Then select the relevant Data Centre.

clip_image018

Next select the template of which you took a clone. The templates that have clones are denoted with a yellow M in the top left hand side of the graphic, as shown to the left.

clip_image020

Click on the graphic, and in the bottom part of the screen a list of available images will appear.

When you move your mouse pointer over the image your want to export three icons will appear in the top right of the icon, as shown below:

clip_image022

clip_image024

The first icon from the left is the download image icon, click on it. A security warning will appear as shown.

The reason for this is that we at Claranet value your data as much as you do and mandate that all data should be exported in a secure manner. We redirect from the HTTP interface to HTTPS to encrypt the contents of the image whilst it is transferred over the internet. You will need to select “No” here to allow the transfer to take place.

clip_image026

You are now prompted for your username and password for your VDC account. Enter them. After you have logged on, the system will ask you to save the file:

The file will then be downloaded.
 By Jay Fearn Google

If your interested in using the Claranet VDC product please fill in your contact details below:
[recaptcha_form]

Information Age: What 4G means for business

Claranet’s product director, Martin Saunders, gives his view on the implications of new 4G technology alongside other industry experts…

“Construction firms will be able to set up on- site offices quickly, and security firms will be able to install CCTV in record time,” he says. “Not only that, but independent retailers will have the opportunity to set up pop-up shops quickly without waiting multiple weeks’ lease time for fixed-line broadband to be installed.” Similarly, firms processing credit card transactions could use a 4G connection as a backup option in the event that their fixed- line broadband connection goes down, says Martin Saunders, product director at managed services provider Claranet.

“Because of changes that have been happening around the Payment Card Industry Digital Security Standard (PCI DSS), it has become less and less viable for merchants to be storing credit card information, just in case their broadband connection goes down,” he explains. 4G could also prove useful for businesses that transact payments using mobile devices, argues Dan Wagner, founder of mobile payments service mPowa, and could allow mobile salespeople to process payments while on the go.

“Our business initiative is based around mobility and the fact that people can take payments on the move,” he says. “Obviously you need good connections and good data interaction in order to be able to achieve that when you’re travelling.”

If 4G services really deliver the kind of bandwidth and network performance that the telcos are promising, then some companies might begin to wonder why they buy fixed-line broadband at all.
Claranet’s Saunders says this is not entirely misguided. Office broadband consumption should – in theory – be lower per individual than home use, as employees should be reading emails and sharing data, not streaming online videos. In certain cases, therefore, 4G services may replace some or all of a company’s fixed-line broadband consumption.

Before making the leap, however, IT leaders would be advised to look at their network usage statistics, to check the true profile of their current consumption, Saunders says. Furthermore, he argues that having good customer services and security is far more important for a business than the outright amount of bandwidth on offer.

Customer service

Saunders adds that his customers are particularly interested in 4G in the context of customer-facing operations. “Businesses will be able to deploy iPads in stores, allowing customers to browse catalogues,” he says. “Being able to secure the connection without having to run a complex VPN client is resulting in much interest from businesses in this area.” As well as the impact of 4G on their own networks, businesses must be mindful of its effect on customer behaviour. Most obviously, it is reasonable to assume that improved mobile broadband services will enable more mobile commerce. In response to an Ofcom consultation on mobile competition, US online auction company eBay cited a study it had commissioned into consumer attitudes to m-commerce.

The study asked consumers what barriers prevented them from using their mobile devices for shopping. Of the 1,500 surveyed, 65% said connection speed, 63% said the reliability of their mobile Internet connection, 62% said the cost of mobile Internet services and 52% cited network coverage.

“An item is purchased every second in the UK through eBay mobile apps, and for our users mobile shopping is all about convenience and speed,” explains Oliver Ropars, senior director for EU Mobile at eBay. “A faster connection with 4G will help make the shopping experience even more appealing for customers.”

Beyond retail, businesses could use the improved multimedia capabilities allowed by 4G services to interact with customers. “Consultancies will be able to host video conference calls with clients while on the move,” says EE’s Stiven.

Forrester analyst Thomas Husson says it is not just the speed of 4G services that will allow richer multimedia experiences for customers, but also improved latency.

“Services that require not just higher speeds but also good latency will result in a much better experience for consumers,” says Husson. “The time to interact between the network will be lower, so there will be interesting use cases for multitasking services, multiplayer gaming and anything related to video.”

Claranet’s Saunders is sceptical that 4G will necessarily improve network latency, unless mobile operators invest in sufficient back-end infrastructure. If the networks don’t have capacity, it doesn’t matter what technology you run on the radio, it’s never going to be as good,” he says. “In that scenario, while 4G will be fine for regular Internet browsing and downloads, it won’t resolve the whole issue around latency and how responsive the network feels.”

Sylvain Fabre of analyst company Gartner agrees, saying that high-definition video and voice-over-IP (VoIP) services may still suffer from packet loss on 4G networks.

“Packet loss and other IP issues that result in one person getting cut off when the other talks could still occur if the network is congested,” he says. “Suddenly the lower-quality yet clear two-way communication that you’re used to on a good voice call doesn’t really work and can become annoying.”

Fabre adds that businesses offering 4G services inside buildings, whether for employees or customers, may experience signal degradation. “It’s going to be harder to get a connection inside buildings until somebody does an in- building solution that maybe uses distributed antennas,” he says.

With numerous handsets with LTE connectivity due to be released over the next year or so, Fabre says that businesses will also have to ensure that they purchase, or are issued with, devices compatible with their 4G provider’s spectrum frequency to avoid employees being left “out of the loop” due to owning incompatible phones. “The technology doesn’t simply resolve all these things, it introduces new challenges too,” says Fabre.

Of course, it is not possible to predict entirely the impact of 4G at this point. EE’s Stiven argues that only once 4G services are widely available will innovation around applications really take off.

“The really exciting bit is that organisations in 12 months’ time will have thought of a whole range of other innovative ways they can use it,” he says. “There are a lot of things we haven’t foreseen that 4G is useful for that will become a real engine for growth.”

Claranet’s Saunders advises companies against making rash decisions about 4G. “I’d say ‘watch this space’, and don’t make any quick moves,” he says.

In particular, he warns against choosing a mobile operator simply on the basis of its mobile broadband speeds. “I’d say it’s more important to look for customer services that make your life easier.” Still, with mobile platforms threatening to eclipse fixed-line infrastructure as the dominant communications medium for business, IT leaders would be well advised to keep an eye on developments in the 4G arena, as they are certain to offer up opportunities for innovation and efficiency.

Find out more: