Home Networking And IT Information And Discussion

Articles about home, SOHO and small-business IT and networking issues

DLNA and UPnP AV in the business

Originally posted: 5 January 2009, Updated 6 July 2009

Very often, DLNA and UPnP AV are typically marketed as being for use in the home due to the reduced amount of configuration needed for devices that comply to these standards. But devices based on these standards can appeal to business use, especially to small “mum and dad” shops, community / religious organisations and other similar businesses who don’t have regular access to “big business” IT resources.

The functionality is typically available as low-cost or free software or, in some cases like Windows XP and Vista, available as part of the operating system. There are some “business-grade” network-attached storage boxes that have the functionality for business continuity as well as the ability to work as DLNA-compliant media servers.

The main issue that one will have with this kind of setup will be that the network that you intend to connect the equipment on must be on the same subnet or logical network, served by the same DHCP server. This will be fine for most small-business, and SOHO networks, including the “private” segment of networks that provide Internet access to the public such as wireless hotspots and Internet cafes.

If you are concerned about security of business data or the integrity of business systems, you could run a separate server for the DLNA-presented media data rather than use the main server for this purpose. Then you can lock down the main server as tightly as it should be for the data.

Visual Merchandising

DLNA-based setups can come in to their own when it comes to all sorts of visual merchandising applications. This is more so for small businesses who cannot afford to buy business-grade "digital signage" or find the "digital signage" difficult to manage due to complex setup requirements.

You can have images or videos of products that are always kept fresh and up-to-date and can intermingle these images and videos with up-to-date “electronic signage” that you create with programs like Microsoft PowerPoint. The best example of this being used would be the real-estate agent who uses the setup to show pictures of the houses he has currently for sale or a beauty salon showing examples of the most fashionable hairstyles they have done lately.

A DLNA-compliant network electronic picture frame like the Kodak EX1011 or the D-Link DSM-210 can work wonders here as can any DLNA-compliant network media receiver (or games console) hooked up to a large flat-screen TV or monitor. Similarly, a DLNA-compliant flat-screen TV like one of Sony’s recent LCD TVs can fulfil the same needs here, especially now that the cost of these sets in in affordable territory and the sets are available from most electrical retailers.

The media server can be part of the file server’s functions or can be hosted on a separate box such as a network-attached storage unit. You just need to add the media to this server by using a standard network file-transfer protocol like SMB or FTP.

You will need to make sure that the media server presents the files either by keywords (tags) and / or folders of the file system so that you can file the pictures how you want to file them. Windows Media Player and TwonkyMedia do support working by keywords and folders.

If you use a presentation program like Microsoft PowerPoint to create “electronic signage”, you just need to export all of the slides in your presentation as JPEG files in to a folder available to the media server. This is done in PowerPoint by opening the presentation and selecting “File” – “Save As” and selecting “JPEG” as the file type. You then have the option of exporting the current slide as a JPEG or exporting all the slides in the presentation as JPEG files in a folder named after the title of the presentation.

Background Music

If you are sick and tired of the radio or those business-to-business music services, you can use a computer as a music server, with the music playing out through a DLNA-compliant network media player such as one of those Internet radios.

As I have mentioned in my previous DLNA feature articles, it is very easy to do whether you decide to use a computer or a network-attached storage box as a media server. Most of the network-enabled music players support shuffle-play which can be very useful for this application and a lot of them have a line-out connection so you can connect them to a public-address amplifier or music-on-hold interface.

Education – The media library

A DLNA-based media system can work well when it comes to education. It doesn’t matter whether the idea is to show a video to a class or whether a student is viewing a video they saw in class “once more” in the library.

A capable DLNA media server with a properly-indexed media collection can work wonders here, with the users selecting the AV material through the DLNA media player’s user interface. Most such players can connect to existing AV equipment or the DLNA functionality can be part of the equipment’s functionality.

Similarly, if the media server provides it, you could allow Web-based access via any computer connected to the facility’s network. This can allow wireless-linked computers to be used to “pull up” the learning resources.

Other business-based DLNA applications

DLNA is eventually heading in the direction of a common IP-hosted data system for transferring media between portable and fixed devices. A typical application may include uploading images and movies from a digital camera or camcorder to a “base” computer for editing and viewing. Similarly, there may be the application of downloading AV material from a computer to a smartphone so it can be viewed on that phone’s display.

Conclusion

What needs to happen is that DLNA needs to be viewed as not just being for the home but being for business and educational life as well.

Advertisements

6 July 2009 Posted by | SOHO / Small business computer setups, UPnP AV / DLNA | , , | 5 Comments

Teleworking Best Practices

Pandemic Preparedness: Teleworking Best Practices | Wi-Fi Planet

My comments on this topic

In the article referenced from this post, the last few paragraphs talked about being prepared for teleworking whatever the “raison du jour” was. This was because whenever there was a national security incident, a natural disaster or a plague, the concept of telecommuting would be raised through business discussions. But whenever these risks subside, telecommuting falls off the agenda.

I personally consider the concept of teleworking as something to be factored in to everyday office life no matter the national or global situation. One application I think of very heavily would be for workers who end up doing double-duty as family carers, such as for ill or convalescing children; or elderly parents.

As well, it may appeal to people who are approaching the end of their tenure at the business to be able to increase being used to staying home rather than at the office. This is more so with family-run businesses where there is an increased risk of “living in the office” even as their active tenure comes to a close.

Similarly, it could also allow larger office-based employers to reach talent pools that exist in rural communities for some of their office jobs. The employers can be able to then work from home for most of their working month, but come in to the office for meetings and similar activities.

The way to technically prepare for teleworking would be to ensure that there is a good-quality secure Internet link to the office, such as a VPN, and consider the use of a VoIP or other “virtual extension” setup for the telephone. A webcam can be handy if you intend to do some video-conferencing with the office.

As far as the printer is concerned, make sure that you can print out any workplace documents with it. This may involve making sure that any “remote-desktop” programs can work with your local printer.

Small businesses can look towards using LogMeIn or GoToMyPC as a quick-setup remote-desktop tool, especially if you use “home” versions of Windows operating systems in the office or you don’t have much computing knowledge. If you use a “pro” or “business” version of Windows and have a fair bit of computing knowledge, it may be worth knowing how to user the Remote Desktop functionality.

As far as your VoIP or “virtual extension” setup is concerned, it may be worth making sure that your system can be capable of allowing the same extension number to be easily switched between two or more physical terminals, like a softphone program, VoIP handset or classic fixed or mobile telephone. This can permit the phone system to work with your work-home life.

Once you have a setup that allows you to do your work at home, you can be ready to work from home at a moment’s notice.

25 May 2009 Posted by | Network Activities, SOHO / Small business computer setups | , , | 1 Comment

Keeping the WiFi public hotspot industry safe

There are an increasing number of WiFi wireless hotspots being set up, mainly as a customer-service extra by cafe and bar operators. But there have been a few security issues that are likely to put users, especially business users off benefiting from these hotspots.

This is becoming more real due to netbooks, mobile Internet devices, WiFi-capable smartphones and other easily-portable computing devices becoming more common. The hotspots will become increasingly important as people take these devices with them everywhere they go and manage their personal or business data on them.

The primary risk to hotspot security

The main risk is the “fake hotspot” or “evil twin:. These are computers or smart routers that are set up in a cafe or bar frequented by travellers, business people or others who expect Internet access. They can be set up in competition to an existing hotspot that offers paid-for or limited-access service or on the fringes of an existing hotspot or hotzone. They offer the promise of free Internet access but exist for catching users’ private information and/or sending users to malware-laden fake Websites hosted on the computers.

Standard customer-education practices

The common rhetoric that is given for wireless-hotspot security is for the customer to put most of their effort into protecting their own data without the business owner realising that their hotspot service could be turning in to a liability. This can then lead to the hotspot service gathering dust due to disuse by the customers it was intended to serve.

The typical advice given to users is to check whether the premises is running a wireless hotspot or if there is a hotzone operating in the neighbourhood before switching on the wireless network ability in your laptop computer. Then make sure that you log on to a network identified by a legitimate ESSID when you switch on the wireless network ability.

Other suggestions include use of VPNs for all Web activity, which can become difficult for most personal Web users such as those with limited computer experience. Some people even advise against using public Internet facilities like Internet cafes and wireless hotspots for any computing activity that is confidential on a personal or business level.

But everyone involved in providing the free or paid-for hotspot service will need to put effort into assuring a secure yet accessible hotspot which provides a high service quality for all users. This encompasses the equipment vendors, wireless Internet service providers and the premises owners.

Signage and operating practices

When Intel promoted the Centrino chipset for laptop computers, they promoted wireless hotspot areas that were trusted by having a sticker with the Centrino butterfly logo at eye level on the door and the premises being scattered with table tent cards with that same logo. Similarly hotspot service providers and wireless Internet service providers used similar signage to promote their hotspots.

But most business operators, especially small independently-run cafes and bars, tend to deploy “hotspot-in-a-box” solutions where they connect a special wireless router that they have bought to their Internet service and do their own promotion of the service. This may simply be in the form of a home-printed sign on the door or window or a home-printed display sign near the cash register advising of WiFi hotspot service.

An improvement on this could be in the form of the ESSID matching the business’s name and listed on the signage, which should have the business’s official logo. Similarly, the network could be set up with WPA-PSK security at least with the passphrase given to the customers by the business’s staff members when they order hotspot service. Most “hotspot in a box” setups that list the customer’s username and password on a paper docket list the ESSID and WPA-PSK passphrase on these dockets. As well, I would modify the login page to have the business’s look with the business’s logo. A complimentary-use hotspot could be secured with a WPA-PSK passphrase and the customer having to ask the staff member about the passphrase. This could allow the facility to know who is using the hotspot and the organisation who runs that hotspot can have better control over it.

It may be worth the industry investigating the feasibility of using WPA-Enterprise security which is associated with different usernames and passwords for access to the wireless network. Most portable computers and handheld devices in current use can support WPA-Enterprise networks. This can be implemented with the typical “paper-docket” model used by most “hotspot-in-a-box” setups if the authentication system used in these units works as a RADIUS server and the built-in wireless access point supports WPA-Enterprise with the unit’s built-in RADIUS server. The same setup could work well with a membership-based hotspot service like a public library with the RADIUS server linked to the membership database. But it may not work easily with hotspot setups that work on a “self-service” model such as paid-service hotspots that require the user to key in their credit-card number through a Webpage or free-service hotspots that use a “click-wrap” arrangement for honouring their usage terms and conditions.

The organisation who runs the hotspot should also be aware of other public-access wireless networks operating in their vicinity, such as an outdoor hotzone or municipal wireless network that covers their neighbourhood; and regularly monitor the quality of service provided by their hotspot. Also, they need to pay attention to any customer issues regarding the hotspot’s operation such as “dead zones” or unexpected disconnections.

People who own private-access wireless networks should also keep these networks secure through setting up WPA-secured wireless networks. They should also check the quality of their network’s service and keep an eye on sudden changes in their network’s behaviour.

When wireless-network operators keep regular tabs on the network’s quality of service, they can be in a better position to identify rogue “evil-twin” hotspots

Improved standards for authenticating wireless networks

There needs to be some technical improvement on various WiFi standards to permit authentication of WiFi networks in a manner similar to how SSL-secured Web sites are authenticated. This could be based around a “digital certificate” which has information about the hotspot, especially:

  • the ESSID of the network ,
  • the BSSID (wireless network MAC) of each of the access points,
  • the LAN IP address and MAC number of the Internet gateway
  • the venue name and address and
  • the business’s official name and address.

The certificate, which would be signed by public-key / private-key method could be part of the “beacon” which announces the network. It would work with the software which manages the wireless network client so it can identify a wireless network as being secure or trusted if the signature is intact and the network client is attached to the network from the listed BSSIDs and is linking to the gateway LAN IP.

The user experience would be very similar to most Internet-based banking or shopping Websites where there is a “padlock” symbol to denote that the user is using an SSL-secured Website with an intact certificate. It will also be like Internet Explorer 7 and 8 where the address bar turns green for a “High-Assurance” certificate which requires higher standards. In this case, the user interface could use colour-coding and / or a distinctive icon for indicating a verified public network.

The provision of cost-effective wireless-network management software

There are some programs that can turn a laptop computer in to a wireless-network survey tool, but most of them don’t show much useful information, are hard to operate for anyone other than a network technician or are too costly. They miss the needs of people who run home or small-business wireless networks or wireless hotspots.

What needs to exist is low-cost wireless-network management software that can work with the common Microsoft or Apple platforms on computers that have common wireless . The software should be able to use commonly-available wireless network adaptors such as the Intel Centrino platform to perform site surveys on the WiFi bands and display the activity on these bands in an easy-to-view but comprehensive manner. The software should be easy to use for most people so they can spot interference to their wireless network easily and can “tune” their wireless network for best performance.

Similarly the popular smartphone and PDA platforms like Applie iPhone, Symbian S60 / UIQ, Blackberry and Microsoft Windows Mobile could have low-cost wireless-network management software written for them so they can make a handheld PDA or mobile phone work as a site-survey tool for assessing quality of service

Once this kind of software is available for small business and home users, it empowers them to assure proper coverage of their network and check for any “evil twin” or other rogue hotspots being set up to catch customers.

Summary

There needs to be more effort put in to setting up secure public-access wireless networks so that people can benefit from portable computing anywhere without forfeiting the confidentiality of their personal or corporate data.

It also will encourage people to gain the maximum value out of their WiFi-enabled portable information devices whether for their business life or their personal life.

12 March 2009 Posted by | Home computer setups, Internet Access And Service, Network Security, SOHO / Small business computer setups | , | Leave a comment

HomePlug in the commercial or institutional environment

Often HomePlug powerline networks are, by the name of the technology, pitched at residential networks, typically single-dwelling homes. But can a HomePlug powerline network, whether a v1.0 Turbo or an AV network exist in a block of flats, a shop or a small office?

There are many applications for the use of a HomePlug in the commercial or institutional environment. One would be to set up a network printer or other network-enabled device in a manner that allows the location to be changed at a moment’s notice. This would be of importance for equipment likely to be on the shop floor for example.

Another application would be to set up a multiple-access-point wireless network to extend the coverage of the wireless hotspot in your café or bar. One of the HomePlug wireless access points can easily do this job especially on a temporary setup or setups where you need to remove the access point at night as a security measure.

You may also want to use HomePlug for establishing a temporary network as part of an event that you host at a town hall, school assembly hall or other community facility, thus avoiding extra cables or unreliable wireless networks. Then there is the ability to try out computer-equipment locations for a certain amount of time before you have the electricians pull the Ethernet cabling to the final location.

An example of this kind of setup

At the moment, Devolo, a German company who manufactures HomePlug network devices, have “taken the bull by the horns” in its home market. They have run a German-language Web portal, about using HomePlug as a solution for establishing computer networks in schools. On this page, there are examples of three schools who have established HomePlug network segments that are known to be in full service.

AC power issues

The main issue is that AC power supplies which supply most of these locations aren’t similar to the typical residential AC power supply. These supplies typically involve a “multi-phase” wiring plan that is typically set up for larger motors or other large loads. This shouldn’t be really of concern for setups covering a flat, small shop or office because most of the power wiring is similar to that of a regular house. In the case of shops and other premises that have special equipment like large commercial refrigeration setups, the special equipment is typically wired to its own group of phases while the ordinary power outlets are wired to a single phase, in a manner similar to a domestic setup.

Similarly the large motors like those that typically drive commercial refrigeration / air-conditioning or lifts and escalators can yield interference as they are used. Similarly, arc welding and similar work equipment can increase the amount of interference in the power line. Another issue to remember is that there is very little chance of a HomePlug segment working if you plug any of the HomePlug devices in to one of those three-phase – single-phase powerboards used primarily to run large clusters of standard lighting or cooking equipment from a three-phase outlet. This is usually due to the use of transformers and different phases in these installations.

Testing a HomePlug network segment

When you set up a HomePlug powerline network segment in any of these premises that you haven’t dealt with before or where significant work has been done, you may have to do a test run at the locations you intend to set up your installation at before you run the installation full-time.

You could run the “PowerPacket” utility that comes with most HomePlug-Ethernet bridges to observe the link quality of your HomePlug segment and the existence of the other HomePlug devices that you have plugged in at the locations you want to use. The latter observation can be useful if some of the ordinary power outlets in the premises are wired to different phases. You can also observe changes in link quality when any of the heavy motors are in operation such as whenever someone is using the lift or the refrigeration compressor that serves the commercial refrigeration installation comes on.

Another test would be to do a simple network-based file-copy between computers connected to the HomePlug devices and time that copy process for actual throughput measurement.  At this time, it may be worth looking for changes in network behaviour when any of the heavy motors are in operation as in the situations described above.

But before you do these tests, make sure that the HomePlug equipment you intend to deploy in the commercial environment works properly at your home or at a location where you know from experience this kind of equipment has worked. Also, make sure that you can return the HomePlug equipment to whoever you bought it from if it doesn’t work or be able to buy the equipment “on approval”.

Other setup issues

Another good practice with deploying HomePlug in these locations is to set up an installation-unique Network Password for the installation. This can be easily done with HomePlug AV devices that have “Simple Connect” push-button setup because the HomePlug AV devices work out a unique code for that installation. On the other hand, you would have to use the setup software like PowerPacket to align all the devices (which have the Device Passwords physically on them) to the same Network Password. This allows your HomePlug network segment to work in a secure fashion.

Once you have used HomePlug in these kind of setups, you can be able to know what it can and cannot do in a particular location and defeat the common limitation of HomePlug being just for the home.

7 February 2009 Posted by | HomePlug powerline networking, Network Management, SOHO / Small business computer setups | | Leave a comment

Comments about the Intel vPro Anti-Theft Technology

Intel Demonstration video of vPro Anti-Theft technology in action

Linked through from the IntelChannel YouTube channel

My comments in relation to small businesses and home setups

The Intel vPro anti-theft technology as presented in the above YouTube video is promoted for use by larger companies or schools who have a fleet of notebook computers and people in their regular hire who manage their IT needs. This is typically represented by the segment where the user is working at a software or Web-based “console” to administer the “poison pill”.

This kind of facility may not be available to households or small organisations who manage their own IT needs unless the remote management functionality is available as a cost-effective service. Such a service could be offered by security firms who sell their services to residential and small-business customers and these firms could integrate the “secure notebook” as part of their business-security packages or as a stand-alone service.

10 January 2009 Posted by | Home computer setups, Network Security, SOHO / Small business computer setups | , , | Leave a comment