Designing Home and SME Networks 11 – Getting the Inside Out

There are two main aspects to getting data from your network out onto the Internet:

  1. Allowing your network users to send data out.
  2. Allowing Internet users to come and get your data themselves.

1: Allowing your users to send data out.

This is a standard operation that most Internet users perform daily, such as sending emails, texting, tweeting, Instant messaging and posting to blogs and other data services. If you are going to allow it at all from your network, it can be difficult and expensive to manage. Most small businesses simply rely on the discretion of their users.

2: Allowing Internet users to come and get data.

Especially for businesses, it can be important to allow content that you create or hold on your network out onto the Internet. There are two basic mechanisms to do this:

  • Export it from your network onto a host elsewhere on the Internet
  • Store it on a server on your network

2.1: Internet hosting: Why would you let your data be held on someone else’s server(s)?

There are several very good reasons to put your data on an Internet hosting server and allow others to access it from there:

  1. What you keep on the Internet is only a copy of the original and therefore, if it gets corrupted or deleted, you can reload it;
  2. You don’t have to let anonymous Internet users into your network;
  3. The user’s browser traffic does not use your Internet connection bandwidth;
  4. You don’t have to publicise your own IP address to Internet users;
  5. You can use a dynamic IP address for your Internet connection (Unless your host servers need access to your network).
  6. If, like many large organisations, you choose to host your network services in a Data Centre, then you can provide your own hosting for your Internet presence from that data centre. However, this then makes you subject to some of the issues mentioned below under hosting your own Internet presence.

There are also several disadvantages to Internet Hosting:

  1. It is difficult to keep your data current, although this is generally adequate for static content.
  2. If you have dynamic content, you need to provide a channel to either proactively update the data on the Internet servers or allow the Internet servers to access data held on your network in real time.
  3. It can cost significant amounts of money, although many ‘personal’ Internet (‘Cloud’) file hosting resources are free: up to a point.

Your contract with the hosting organisation will determine who is responsible for what but, generally:

  • You are responsible for:
    • Loading the content and keeping it current;
    • specifying or setting up access controls;
    • permitting the hosting servers access to data on your network (if they need to).

The Hosting manager is responsible for:

  • Making sure the service remains available and undamaged. They will provide replacement servers if one breaks down;
  • Providing a degree of access control and data security so your content doesn’t get hacked;
  • Keeping access logs and generally managing user access to your data.

Some other services are negotiable, dependent on the host:

  • Backup/restore

2.2: Remote access for Internet Users to data on your network

This is where you host your own Internet presence using devices on your own network. Generally speaking this is considered to be a Bad Idea for small businesses. There are some advantages to doing it, however:

  1. You are in complete control of your data, and not subject to the vagaries of a hosting company.
  2. You achieve maximum currency for your data, as there are no Internet delays between your Internet-facing devices and the databases holding your dynamic content.

Against this are the disadvantages:

  1. You need to spend significant amounts of money in securing your network by providing:
    • Separate servers for Internet-accessible services
    • Multiple layers of firewalls and a DMZ to isolate Internet traffic from internal network traffic and prevent Internet users accessing your network
    • Proxy services to ensure that any data that is served from within your network to the Internet-facing servers is fully secured.
  2. All traffic between the Internet and your Internet-facing servers traverses your Internet access link. This may impact the service level available to your internal network users. You will almost certainly require some sort of intelligent traffic management to prevent any peaks in your Internet user traffic (or Denial or Service attacks) from completely isolating your network from the Internet.
  3. You have to make the IP address of your Internet connection public, and it has to be static.
  4. Your Internet-facing servers and other devices need to remain switched on at all times.

Generally, these disadvantages make self-hosting of your Internet presence a poor option for most individuals and small businesses.