Dedicated server vs Shared Server:

Most people pick dedicated servers, this could be because they have some experience using this services or they already read some stories about this content. If we think logically on the word “shared” this drive us directly to the knowledge that we share some concepts of the server.We hope that the server we share is totally debugged and with zero problems, we don’t want any kind of downtime on our website, this is never sure for shared websites.

So why is better the dedicated server, you principally have total control on your website, also you can install any kind of application, you can update any kind of software or hardware in your server, it’s made by your specific requirements and only for them.

Also, this option is great for people that need to upload huge amount of data, and need great capabilities for bandwidth.

For the dedicated servers we also can provide the capabilities to manage firewalls and password access, this is for security purposes. If you have big knowledge on dedicated servers, can control any kind of problem

Basics of Dedicated server administration:

First of all, lets go through a list of general recommendations for all operating systems. The list is by no means comprehensive, but they are probably the most basic list of tasks & preventive maintenance tips that you will have to follow to keep your server up & running in top condition.

Set up authentication & account management before connecting to the network

• All accounts should have strong passwords.
• Administrative or root accounts should have even stronger passwords or passphrases.
• Only use the administrator or root account when absolutely necessary.
• Assign a unique administrative account and password to each individual to better distinguish activities between multiple administrators.
• Use different passwords for administrator or root and general user accounts.
• Force new users to change their passwords when they first login.
• Regularly review the access list or log for users, especially of root and groups. Look for unexpected rights or changes.
• Limit the use of the same password across dissimilar systems (use of the same password on a less secure system may endanger a more secure system).
• Disable or delete old or unused accounts that belong to people who no longer need access.
• Be sure to have a plan and process for securing administrator and root passwords that allows appropriate access to the server in case of illness, turnover, or unforeseen circumstances.

Install and patch the operating system before connecting to the network

• Run software that is current. The operating system and other software should be vendor supported for security patches.
• When installing software, make sure to only install software that is needed, making sure to install the latest versions of all software including all recommended and security patches that are available.
• Download patches to another Server and put on CD or obtain patches for Windows from the Microsoft website by ordering a CD version [If available].

Run minimum number of services

• Each server should only have the minimal number of services needed for its role.
• Make sure to configure all installed software, disable all unused features and be sure to limit the availability of any features that are enabled.
• Disable Telnet and FTP. Use SSH instead,

Install filters or firewall

• Install and configure a packet filtering utility such as TCP wrappers or a software or hardware firewall to protect individual services.
• The rules should reflect the acceptable use and security policies that have been defined for the Server.
• Operating system filters that deny or permit certain traffic should be used if available (e.g., most Unix and recent Windows versions).
• Periodically review the filters.

Set up and review logs

• Configure all services so that they log all connections and authentication information. Forward all of these logs to another secure computer if possible.
• Someone should be assigned the responsibility to periodically review and as appropriate follow up on possible security violations identified in the system logs.

Install security related software

• Install security related software on each Dedicated Server, as appropriate to the level of security needed.
• Install anti-virus or other virus filtering software with daily updating for the latest virus definitions.
• Install VPN encrypted tunnel if unable to install SSH or when clear text is a security risk.

Maintain backups and operational continuity

• Run back-ups regularly and periodically store off-site.
• Test the restore capability periodically.
• Use a “secure deletion” program to erase data from hard disks and media after done using and prior to transfer or disposal of hardware storing “not public” data.

What is SSH ?

SSH or Secure Shell is a suite of programs which provide encryption of sessions between computers. It is a secure replacement for telnet, rlogin, rsh and rcp. The encryption begins before the username/password conversation starts thus providing a mechanism for no plain text passwords traveling over the intra/internet. Secure Shell also provides a better means of authenticating host computers helping to prevent address spoofing attacks. The main features of SSH include secure remote logins, terminal emulation, fully integrated secure file transfers, and secure tunneling of X11 traffic.

SSH Clients

SSH clients exist for all common architectures and operating systems. Some are free, some are shareware or commercial versions.

SSH Clients for Unix/Linux

* OpenSSH is an SSH v1.x and v2.x compliant SSH package that is freely usable and re-usable by everyone under a BSD license.

With Dedicated Servers you get full root ssh access. You have complete control over the server administration and specifications.

Dedicated Server hosting
This form of hosting allows customers to lease pre-configured, high-end equipment and connectivity from the provider. Offering greater flexibility than shared hosting and less responsibility than colocated hosting, the customer generally retains control over their hosting environment. They choose their operating system and software and tailor it to their needs. The provider, however, remains responsible for administration.

Customers using a dedicated server hosting solution require an overall competency in IT and server administration issues. It also requires a more significant investment of finances, time and human resources than shared hosting.

Shared hosting
Sometimes known as virtual hosting, this is the most basic and the most inexpensive of hosting alternatives. With shared hosting, numerous customers host their websites on one server, sharing the cost of an Internet connection that’s generally faster and more secure than dial-up connections. An range of basic bundled services at a low monthly fee makes this a popular choice for first-time webmasters.

While economically sound, this type of shared hosting typically cannot handle large amounts of storage or traffic and the provider offers little to no IT services or flexibility.

Colocated hosting
For webmasters who desire complete control over their server, colocated hosting is an option. The provider offers only space for a server on their rack and usually a low performance bandwidth. The customer is responsible for everything else — purchasing, configuring and maintaining the physical hardware (servers, firewalls, etc.), software and the operating system.

Setting up and maintaining a colocated server is not a simple undertaking. It demands that the customer have a great deal of IT expertise and time. Any extra services or assistance by the provider also incurs extra costs.

Hosting often uses its own language, or languages, comprised of acronyms, proprietary names and terms that have been granted new meanings. For some it’s a first language. For others it’s an entirely new language. This abridged glossary is designed to assist in “translating” the more common hosting terms into more common language.

Apache
One of the world’s most popular Web server programs, Apache was built by a group of open-source programmers and is often used because of its outstanding performance, strong security features and the fact that it is free.

Application Infrastructure
The software components that your custom application relies on for its functionality. Examples include web servers, application servers and database servers.

Bandwidth
The amount of data that can be transmitted at a given moment to a server. The higher your bandwidth, the larger amount of traffic your site can handle at one time.

CGI
Short for Common Gateway Interface, a small script that processes data taken from the user (such as from a form application).

Cgi-bin
The directory on a web server where CGI scripts are stored.

DDoS
Short for Distributed Denial of Service Attack, the most common form of attack on network devices. It overwhelms a network by monopolizing its bandwidth by flooding it with information from multiple hosts, thereby preventing legitimate network traffic.

Device
Refers to the individual hardware components that make up a unique hosted configuration. This includes servers, firewalls and load balancers.

Firewall
A piece of security software or hardware designed to protect web servers. They are typically used to protect sites from hacker attacks/unauthorized access.

FTP
Short for File Transfer Protocol, a method of allowing remote users and Web servers to exchange files.

HTML
Short for HyperText Markup Language, the language by which web servers and client browsers communicate. All server-side functions (such as database processing), although they may be performed in another language, must eventually be output back to the user in HTML.

HTTP
Stands for HyperText Transfer Protocol, the protocol by which HTML files move across the Internet. HTTP requires a client browser and an HTTP server (typically a web server).

IDS
Short for Intrusion Detection System, it recognizes all types of hostile network traffic and computer usage that can’t be detected by a conventional firewall.

IIS
Short for Internet Information Server, Microsoft’s server software for Windows NT/2000.

IP
Short for Internet Protocol, which designates the format of “data packets” that are used to exchange information over the Internet.

J2EE
Short for Java 2 Platform, Enterprise Edition, J2EE is a programming platform for developing and running distributed multi-tier architecture applications, based largely on modular components running on an application server.

LAMP
An acronym for a set of free software programs commonly used together to run dynamic Web sites:

* Linux, the operating system;
* Apache, the web server;
* MySQL, the database management system (or database server);
* Perl, PHP, and/or Python, scripting languages.

Load Balancing
Distributing data across a network of servers in order to ensure that a single Web server does not get overloaded with work, thereby affecting performance.

Managed Backup
Refers to the copying of data for the purpose of having an additional copy of an original source, specifically storing data on separate tape media not located on the server. If the original data is damaged or lost, the data may be copied back from that source.

Name Server
A server responsible for translating domain names and IP addresses.

NOC
Short for Network Operations Center, a hosting company’s “home base,” so to speak. The NOC is usually where most administration, technical support and physical server storage takes place.

Packet switching
The method by which most data is exchanged throughout the Internet. Most data is broken down in to smaller “packets” prior to transfer, and then reassembled at the destination.

RAID
Short for Redundant Array of Independent Disks, a method of data protection/backup. Data is stored over a number of servers so that information will still be accessible if a piece of hardware/software crashes.

SAN
Short for Storage Area Network, a network designed to attach computer storage devices such as disk array controllers and tape libraries to servers. In a storage network, a server issues a request for specific blocks, or data segments, from specific disk drives. This method is known as block storage. The device acts in a similar fashion to an internal drive, accessing the specified block, and sending the response across the network.

Scalability
The ability of a piece of software or hardware to expand/grow as necessary.

Service Level Agreement (SLA)
A formal written agreement made between two parties: the service provider and the service recipient. The SLA itself defines the basis of understanding between the two parties for delivery of the service itself. The document can be quite complex, and sometimes underpins a formal contract. Generally, an SLA should contain clauses that define a specified level of service, support options, incentive awards for service levels exceeded and/or penalty provisions for services not provided.

SQL
Short for Standard Query Language. A standard protocol used to request information from databases. Servers that can handle SQL are known as SQL servers.

SSL
Short for Secure Sockets Layer, a protocol developed by Netscape to handle and protect confidential/sensitive information required for e-commerce transactions (like credit card numbers). SSL addresses usually begin with ‘https’.

VPN
Short for Virtual Private Network, a private communications network usually used within a company, or by several different companies, to communicate over a public network.

Web Hosting
Web hosting is a service that allows users to post web pages to the Internet. A Web host, or hosting service provider (HSP), is a business that provides the technologies and services needed for Web sites to be viewed on the Web.

XML
Short for Extensible Markup Language. XML is a language allowing developers to create their own markup tags. All XML tags are defined by the programmer, and can be interpreted differently in different applications. For example, the “” tag in HTML means Italics, but could mean anything in XML, depending on the function the developer assigns to it.

The Sun Java System Messaging Server (formerly Sun ONE Messaging Server) is a high-performance, highly secure messaging platform one of the leaders in the service provider messaging market. Scaling from thousands to millions of users, the Java System Messaging Server is suitable for both service providers and enterprises interested in consolidating email servers and reducing total cost of ownership of communications infrastructure.

The Sun Messaging server also provides extensive security features that help ensure the integrity of communications through user authentication, session encryption, and the appropriate content filtering to help prevent spam and viruses.

The Sun Java System Messaging Server along with the Sun Java System Calendar Server and Sun Java System Instant Messaging offer their users a comprehensive communications and collaboration environment. The Sun Java System Messaging Server is also a key component of the Sun Infrastructure Solution for Enterprise Messaging Consolidation, enabling customers to offer rich collaborative services while dramatically reducing costs.

Key Features
* High performance and scalability
* Extensive security features
* Virtual domain hosting and delegated administration
* Scalable, robust and extensible messaging components
* Multiple client support

It has been ported to Unix, Linux & Windows Operating systems.

This mail-server from Qualcomm’s Eudora division works on WinNT server, Workstation 4.0 or higher or Windows 2000 & above Operating systems. Simple to Use and Manage Installs easily and requires very little administrator maintenance. Users can take advantage of web-based administration tools to manage their accounts, view account status, change passwords and create auto-reply and vacation messages - all without administrator intervention.

The WorldMail Management Center offers powerful server administration via its central and remote management facilities and easy-to-use interface.

Security The Eudora WorldMail Server features built-in security features including APOP and CRAM-MD5 authentication facilities to avoid sending passwords over the network, multi-level access control and Windows NT security services.

Robust Functionality Standards-based Internet messaging server seamlessly supports both Internet Messaging Access Protocol (IMAP4) and Post Office Protocol (POP3) clients for transparent migration and co-existence.

Native to Internet Open, standards-based client/server architecture , Eudora WorldMail Server easily integrates with off-the-shelf Internet-standards based applications and supports Internet-standards compliant email clients like Eudora Pro Email and Eudora Light.

Help Built-in online help facility and electronic documentation make operation of the server easy and convenient.

The Netscape Messaging Server quickly delivers email with embedded sound, graphics, video files, HTML forms, Java applets, and desktop applications. Netscape claims that the Messaging Server outperforms other messaging systems in the speed of message processing, handling of queues, and power of directory lookups. Organizations that use Messaging Server will find that they can communicate with virtually all mail systems and gateways.

Offering unparalleled power, felexibility, and security, the Messaging Server supports thousands of users per system. It offers remote connectivity with support for controlled downloads or slow modem connections, vacation notices and automatic replies, confirmation of delivered messages, and flexible security. You can improve your company’s productivity as well as your customers’ satisfaction by setting up automatic email responders for customer queries, automatically building mailing lists of contacts, and updating employees’ desktop software by sending executable applications over email.

Upgrade and expand easily, even from proprietary systems. Messaging Server can expand to handle information coming from proprietary systems and can convert existing information from legacy systems automatically, including existing attachments and personal address books. Because this server adheres to all the Internet standards for transferring information, it’s much easier to administer and maintain than traditional proprietary networks.

Lower cost of ownership through centralized user management. Messaging Server includes Netscape Directory Server and can access all other directories and address books. Messaging Server is a Lightweight Directory Access Protocol (LDAP) client that leverages a shared repository for user, group, and other directory-style data using the LDAP Internet directory protocol. This shared directory architecture gives Netscape SuiteSpot administrators a single place from which to manage users, groups, and other shared data.

The Internet Exchange Messaging Server (IEMS) is a highly modular and scalable open architecture messaging system. It can be used from small single machine installations to fully distributed systems linking geographically distributed sites into a common set of logical domains. Its various components can be run on a single machine or in a distributed environment. Administrators can install IEMS on Windows 98 and ME (Anti-Virus Detached Machine), NT, 2000, and XP. For Linux administrators, IEMS can be installed on RedHat Linux 6.2 through 9.0; Mandrake 8.2 through 9.1; SCO Linux Server 4.0 (United Linux 1.0); RedFlag, and Cosix (CS&S).

A technical introduction and specifications to IEMS can be found here. In additional all IEMS Documentation is freely downloadable.

Internet Exchange Messaging Server totally integrating spam detection, handling, and decision making across the entire messaging system - from connection controls through to the end user mail client. IEMS spam control measures include SMTP connection controls (site and Internet blacklisting), mail relay, MTA level content analysis, user mail sorting, and user directed Bayesian filtering. Site administrators are able to define site wide spam security policies, while deferring decisions on many of the spam detection methods to the end user, including SMTP connection controls.

This combination of SMTP controls, Content Filters, Bayesian Filters, DNS Blacklists, and the integrated extension of these controls to the end users allows for an extremely flexible protection system, designed to block the maximum number of problem messages with no collateral damage.

Some of the many features include anti-virus scanning, attachment filtering at the MTA level, distribution list manager, batch SMTP, connector modules to legacy mail environments such as Lotus cc:Mail and Notes, and more. Messages can be retrieved from the IEMS Message Store using any standard POP3 or IMAP4 capable client (Outlook Express, Eudora, Evolution, etc), as well as the customizable IEMS Web Mail Client. The Web Mail client also supports private and public address books as well as online file storage through web folders. IEMS also supports Outlook compatible calendaring and scheduling, allowing for a natural migration path from Microsoft Exchange.

IEMS is licensed in either Standard Enterprise Edition or Professional Enterprise Edition modes. Both editions are identical in terms of functionality with the exception that the Professional Enterprise includes cc:Mail and Lotus Notes connectors and also has the ability to operate across distributed systems.

IMA provides a free public test environment you can log into now to get an immediate feel for the power and flexibility of IEMS or you can download your own copy and test it on your server for free for 30 days.