How do I do web-based administration on my eRacks system?
Most features of our systems can be administered via the web using WebMin,
which comes preinstalled with most of our systems.
WebMin is easy to use, and works well on most open-source operating systems, including OpenBSD, FreeBSD, and Linuces.
Following are examples of just a few packages supported by WebMin; there are many more:
- Apache
- Samba
- DNS/BIND
- MySQL
How do I collect usage statistics on my eRacks web server?
We recommend and use Webalizer.
Webalizer shows daily usage statistics summarized by month, and is preinstalled on
all our systems which include a web server or application server, including:
or upon request.
How should the network be designed in order to tolerate a firewall failure?
It's best to have one or more DNS servers that are configured as a replacement firewall,
in case of failure.
In a typical colocated network, the DNS servers are the only other servers connected directly to the Internet
and not behind the firewall. These servers are configured with redundant network cards and
sit on the internal LAN as well as the Internet, so a simple reconfiguration can be done remotely if the
firewall fails. For example, to use your dns2 server as a new firewall:
- Enable filtering rules (which were pre-set up for firewall replacement) on dns2
- Switch over your domains in the DNS database on dns1 to point to dns2 instead of the firewall.
For more information, see our network services page or email us at consulting@eracks.com.
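The second step above, sketched as an added example (not eRacks' own tooling): it repoints every A record that targets the failed firewall and bumps the SOA serial so secondaries pick up the change. The zone contents, the addresses and the "; serial" comment convention are constructed assumptions; the records need a short TTL for the switch to take effect quickly.

```python
import re

# Matches "name [ttl] IN A address [; comment]" lines only.
A_RECORD = re.compile(r"^(\S+\s+(?:\d+\s+)?IN\s+A\s+)(\S+)(\s*(?:;.*)?)$")
# Assumes the SOA serial sits on its own line, tagged "; serial".
SERIAL = re.compile(r"^(\s*)(\d+)(\s*;\s*serial.*)$", re.IGNORECASE)

def repoint_zone(zone_text, firewall_ip, standby_ip):
    """Move every A record aimed at firewall_ip to standby_ip.

    Returns (new_zone_text, names_changed). The serial is bumped only
    when at least one record actually changed.
    """
    lines = zone_text.splitlines()
    changed = []
    for i, line in enumerate(lines):
        m = A_RECORD.match(line)
        if m and m.group(2) == firewall_ip:
            lines[i] = m.group(1) + standby_ip + m.group(3)
            changed.append(line.split()[0])
    if changed:
        for i, line in enumerate(lines):
            m = SERIAL.match(line)
            if m:
                lines[i] = m.group(1) + str(int(m.group(2)) + 1) + m.group(3)
                break
    return "\n".join(lines) + "\n", changed

# Constructed sample zone: 203.0.113.1 is the firewall, .3 is dns2.
ZONE = """\
$TTL 300
@       IN SOA dns1.example.com. hostmaster.example.com. (
                2024010101 ; serial
                3600 900 604800 300 )
@       IN NS  dns1.example.com.
@       IN NS  dns2.example.com.
dns1    IN A   203.0.113.2
dns2    IN A   203.0.113.3
@       IN A   203.0.113.1
www     IN A   203.0.113.1
mail    300 IN A 203.0.113.1
"""

if __name__ == "__main__":
    new_zone, names = repoint_zone(ZONE, "203.0.113.1", "203.0.113.3")
    print(names)
    print(new_zone)
```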
What does NAT stand for?
NAT stands for Network Address Translation, and describes the process whereby
TCP/IP traffic is remapped from one set of IP-address/port numbers to another.
When used on outgoing connections from a LAN to the internet, this
accomplishes several goals:
1) Allows exposing fewer or no IP addresses on the open internet
2) Provides a casual measure of security and privacy by hiding internal IP addresses
3) Uses as few as one (possibly scarce) official IP address for an entire internal network.
Note that (2) is not real security, and is no substitute for a full-blown firewall with a
well-thought-out set of firewall rules, done by a knowledgeable
security architect.
In the eRacks/NAT Firewall, Is NAT used for incoming or outgoing traffic?
NAT is generally used for outgoing traffic only.
Incoming traffic is usually handled by simple
port-forwarding, with certain types of traffic (fragmented, for example) filtered out.
Although ports can be forwarded to other internal IP addresses, this isn't generally
referred to as NAT, which includes port-remapping as well as forwarding.
For example, a typical set of firewall rules would only allow HTTP (port 80), HTTPS (port 443),
and SSH (port 22) traffic to pass to the internal network's servers, and reject (or drop) all
other traffic, thus securing the site against intruders.
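A toy model of the behaviour described in the two answers above, as an added example (not eRacks' rule set): outgoing connections are NATed to one public address and a new port, replies are accepted only from the host that was contacted, and unsolicited incoming traffic passes only on the forwarded ports 80, 443 and 22. All addresses and the internal server layout are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed values for illustration (documentation/private address ranges).
PUBLIC_IP = "203.0.113.1"                 # the one official address
FORWARDS = {                              # published port -> internal server
    80: ("192.168.1.10", 80),             # HTTP
    443: ("192.168.1.10", 443),           # HTTPS
    22: ("192.168.1.20", 22),             # SSH
}

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    fragment: bool = False

class Firewall:
    def __init__(self):
        self.by_flow = {}     # (lan ip, lan port, remote ip, remote port) -> public port
        self.by_port = {}     # public port -> that same flow tuple
        self.next_port = 50000

    def outbound(self, p):
        """LAN -> Internet: NAT rewrites the source to PUBLIC_IP and a new port."""
        flow = (p.src, p.sport, p.dst, p.dport)
        if flow not in self.by_flow:
            self.by_flow[flow] = self.next_port
            self.by_port[self.next_port] = flow
            self.next_port += 1
        return Packet(PUBLIC_IP, self.by_flow[flow], p.dst, p.dport)

    def inbound(self, p):
        """Internet -> LAN: return the rewritten packet, or None if dropped."""
        if p.fragment or p.dst != PUBLIC_IP:
            return None                                   # fragments filtered out
        flow = self.by_port.get(p.dport)
        if flow and flow[2:] == (p.src, p.sport):         # reply to a NATed flow
            return Packet(p.src, p.sport, flow[0], flow[1])
        if p.dport in FORWARDS:                           # plain port forwarding
            return Packet(p.src, p.sport, *FORWARDS[p.dport])
        return None                                       # everything else dropped
```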
How does a VPN work? Why do I need a matched pair and where should they be?
The VPN can either be on the border between your network and the Internet
(in your firewall, for example), or it can be inside the border - behind the firewall.
There are advantages and disadvantages of both approaches - and your needs may determine
which one is best for you. This is a good topic for our Network Review Services.
A matched pair is necessary because the two VPN servers must have their keys
configured to allow each other access - they must "know" each other in advance.
Will the eRacks/VPN work with a Windows VPN client, such as a PGP client?
Yes, there is a list of compatible VPN clients at:
http://www.openbsd.org/faq/faq13.html#IKEcl
Can we order just one eRacks/VPN, rather than a peer VPN configuration?
If you'd like to order just one eRacks/VPN, configured and qualified to run
with a specific client or list of clients, and don't really need a LAN-to-LAN
peer-connected VPN, we will certainly consider your request on a case-by-case
basis - please email us with the details of your requirements.
Can eRacks help us out with some network design consulting?
Yes!
eRacks offers three levels of Network Review, as well as general network-related consulting on an hourly basis.
See our Services page for details.
System Design Questions
How much memory do I need for firewall and web systems?
- or 128MB is plenty for a firewall, and a web server or database server usually
requires 256 or 512MB RAM minimum.
Web/database servers will perform better with more memory.
Is it enough to use software RAID or should I add a RAID card to my system?
In most cases, we recommend using only hardware RAID.
Reliability is compromised with software RAID,
since the RAID system itself is vulnerable to an
operating system corruption or crash.
Can I upgrade the memory/hard drive/other components later on after I purchase my computer?
Yes, and since eRacks uses non-proprietary components, your system is easily upgradeable
at reasonable prices. Many large hardware vendors sell systems that require you to purchase
upgraded components only from the same company at high margins.
Hardware Questions
What are the outer dimensions of rackmount servers and how are they mounted in a shelf?
Rackmount servers' heights are defined by the number of Us, or rack units. A 1U system occupies 1.75 inches of vertical
space on a rack shelf. The systems can be attached to a rack shelf by simply screwing the front ears onto the shelf
rail, with optional center/rear mounts providing additional support. Sliding rail kits can be used to allow the system to slide
in a manner similar to a drawer.
See our rackmount servers info page for further details.
How many PCI slots are available in your 1U systems?
Most of our 1U systems have 1 PCI low-profile slot available. If you require more than one PCI slot
in a 1U system, please
email us for details or for a quote on a custom system.
What about other systems? Other slot types, such as ISA, AGP, etc?
Our 2U chassis have either 2 or 3 PCI slots, depending on the model.
We can build a 2U system with an ISA riser by special request - one
of our Remote Management cards uses an ISA slot, which we can install
into a 2U chassis, with an ISA riser card.
For other ISA slots, AGP, or CNR, we can use our SLOTS chassis, which is 3U,
or we can use a 4U or larger chassis.
We may also integrate an ISA, AGP, or CNR slot into one of our 1U chassis
by custom design and special order - email us for details.
Software Questions
Where can I find out more about the software that eRacks recommends?
eRacks maintains an open source links page.
Is open source software reliable?
Open source code was written to be read, since it is publicly viewable.
An open source code policy permits very fast bug fixes, while proprietary source code updates
usually have a much higher turn-around time. Free distribution ensures the high quality
of the software; there is no temptation for a vendor to release an early buggy version in order
to achieve a few short-term sales.
As experienced network designers and system architects, eRacks recommends
only well-tested software. We know by experience and ongoing research which OSes,
packages, and applications work best for a particular purpose, which ones work together, and
which ones don't. For more about open source software, see the
Open Source Initiative corporation's website.
Which operating systems are recommended for which purposes?
For example, eRacks advisors recommend OpenBSD for its security; it is the recommended operating
system for any server exposed on the Internet.
Operating systems vary in their strengths, Samba support, multiprocessor support,
as well as cost and licensing. We'll add more notes here soon; meanwhile please
email us if you would like specific recommendations from eRacks.
Will a backup server running Linux be able to see and back up my Windows and other machines?
Yes, when Samba or a similar client is installed on the backup server.
How does eRacks' software configuration ensure the security of a firewall?
By default, we preinstall
OpenBSD, WebMin,
OpenSSH, bash, and various other tools
to make operation of your firewall simpler and easier. We don't enable FTP, Finger,
or any other protocols which would compromise the security of your firewall.
The WebMin remote management is accessed via SSH-port remapping. We include an open-source
MS Windows SSH client with configuration instructions on how to access WebMin.
This avoids opening up the firewall to additional ports such as WebMin's port 10000.
How do I view our Windows machine from OpenBSD eRacks servers and vice versa?
Use VNC over SSH.
Questions about the eRacks website
What tools were used to build this website?
The eRacks web server uses:
Apache, OpenSSL, Zope, and PostgreSQL.
It is running on Debian Linux.