Normally I write about large scale systems, in the post I will recommend a high-quality, low cost setup for small businesses (5-50 employees). I will discuss two components: a server and a firewall/router.
Before I provide the details let me first state that I have no personal or financial interest in these products. I purchased them myself for my own use. The links to the products on Amazon are for your convenience. They are not affiliate links. I do not receive anything for recommending them.The recommendation is based solely on my personal experience with them over the course of several years.
In all the IT products I use, I favor stability and security over other considerations. The reason I’m recommending these two products is that they have the rare combination of stability and security along with usability and low cost. I’m sure there are other great products out there but these are the ones I have firsthand experience with and feel comfortable recommending.
Small Business Server
My first recommendation is the Synology DS412+. This little box is amazing. It’s marketed as a storage (NAS) device but in practice it is a full featured and reliable server. Here are some of the things it can do:
- DNS Server
- Email Server (mail and calendar that are MS Outlook compatible)
- Log server
- File sharing
- Print server
- Private cloud (like a private version of DropBox)
- CRM Server
- Directory server (LDAP)
- Video surveillance server
- Web server
- IT inventory and trouble ticket server
- And many more
These applications can be loaded as “packages”. You only install the ones you need.
The DS412+ is managed via the web. Synology has the best web interface of any product I have ever used. Configuring the applications still requires knowledge of IT but the interface makes performing the basic tasks easy (more on this point below under support costs). The applications it provides via packages are reliable, stable, and free. They also have decent security settings. For example, the email server can be configured to use a blacklist and it will auto-ban IP addresses that fail to login correctly (i.e., spammers).
Since it’s a NAS it does storage well. You can configure it to use various RAID levels depending on your needs. You might, for instance, set it to RAID 5 for performance and redundancy, or you can use RAID 10 for maximum reliability. The drives are hot swappable meaning you can replace one without powering down the server. I had a drive fail once. I simply bought a new one and plugged it in and the server integrated it back into the RAID set. While the drive was dead it continued to function fine.
I recommend the Western Digital Red Drives for the Synology. They are designed for a NAS. Currently on Amazon the DS412+ is $650 and four 3TB red drives cost about $500 which totals to $1150. There is no annual maintenance fee.
The four drives gives you local redundancy in the case of failure. You still need off site backup in case something happens to destroy the device. The Synology has built in support for Amazon Glacier which provides extremely cheap off-site, “cold storage” of your data. Just configure this to run daily or even more often and you will have some level of protection against catastrophic failure due to fire, theft, etc.
If you want even more redundancy you can buy two Synology boxes and configure them in high availability mode. In this mode if one fails the other will seamlessly take over. This is a good idea if your budget allows. I have not tested this feature so I cannot comment on how well it works.
Every business needs a sophisticated firewall. These must not only protect your network but also protect users on the web from malicious sites. There are also web sites your company will want to block for a variety of reasons. The WatchGuard XTM 25 provides all these security features in a single appliance. You can get the model with WiFi if you need wireless access in your office.
The XTM25 provides:
- Basic firewall
- Intrusion prevention
- Antivirus (web and email)
- Spam blocking
- Web blocking
The web blocking can be configured to block sites by category. The XTM25 is configured via the web and has a decent interface. It’s not up to the Synology level but it is still good. The XTM25 supports advanced networking features such as VLANs, QoS, bonding, and so on.
It has worked very reliably for me and has a minimal impact on Internet bandwidth. Depending on what features you use you can tune this to find the best balance for your needs.
The XTM25 (without WiFi) is about $300 dollars on Amazon. You will need to buy an annual license which also costs about $300 (a bit more if you buy the Data Protection service). This is an annual fee that covers updates to the anti-virus and other services. Their customer service seemed good. I asked a few questions and received prompt answers.
The XTM25 is a business product and is not like a home router/WiFI. It requires someone who understands TCP/IP networking to properly configure it.
These devices are largely set-and-forget. They will need occasional maintenance and should be monitored regularly. By maintenance I mean that the software must be updated periodically. Someone will have to administer them as well, for example to add new user accounts. Simple admin tasks can probably be performed by someone without IT expertise. However I wouldn’t recommend this.
A good IT person could setup both of these boxes in a weekend. After that maintenance and administration should be modest. Depending on the level of trust you have in your IT person these could be administered remotely. Overall, I estimate support costs as comparatively low. In my experience it’s better to spend less on hardware and software and more on good people.
High quality does not have to be expensive. When properly configured and maintained I think these two devices will work well for a small business. If your business is at the larger end (closer to 50) you should consider buying the next model up. I think these devices hit the sweet spot in terms of cost and performance.