1. Introduction
Let’s agree data is the lifeblood of any organization. Whether it’s a high-growth startup or a steadily scaling small-to-medium business (SMB), the sheer volume and importance of data being generated cannot be overstated. This data isn’t just numbers or files; it’s intellectual property, customer details, operational strategies, and much more.
At the same time, budget constraints are a reality for many SMBs and startups. High-end data storage and networking solutions from major manufacturers often come with a hefty price tag. These systems, while offering advanced features and guarantees, may not always be within the financial reach of smaller organizations.
Our proposed solution aims to provide a blueprint for setting up an in-house wireless network and storage system with a total budget under $3000 CAD. This system offers robustness, redundancy, and scalability, without breaking the bank. By leveraging cost-effective yet reliable equipment and open-source software, businesses can gain full control of their data and a network that fits their budget.
2. Essential Hardware and Software Components for an In-house Network and Storage Solution
When conceptualizing a comprehensive in-house network and storage solution, several critical hardware and software components come into play. Let’s break down these essentials:
Hardware Components:
Primary Storage System: This is the heart of your data storage infrastructure. A robust storage system ensures fast access to data, scalability as your needs grow, and redundancy to safeguard against data loss.
Backup Storage: Redundancy is key in data management. A secondary or backup storage system ensures that even if your primary storage faces issues, there’s a backup of your data to fall back on.
Network Router: Acts as a gatekeeper and manager for all the data traffic coming in and out of your organization. It’s essential for directing data to the right places and ensuring smooth internet access.
Managed Switch: This device allows for finer control over network traffic, enabling you to segregate and manage data flow within the organization. It’s especially useful for larger setups where different departments or teams might need separate network segments.
Wireless Access Point (AP): Ensuring seamless wireless connectivity throughout the office is crucial. An AP extends your wired network to wireless devices.
Uninterruptible Power Supply (UPS): Protects your equipment from power fluctuations and provides a backup power source in case of outages. This ensures that critical systems keep running long enough for a proper shutdown or switch to alternative power.
Software Components:
Network Operating System: This software manages and oversees network operations, making it possible for different devices and systems to communicate with each other seamlessly.
Storage Management Software: Provides tools for organizing, accessing, and protecting data stored in your primary and backup systems. Features like RAID management, disk health monitoring, and snapshot capabilities often fall under this category.
Firewall & Security Software: Protects your internal network from potential external threats. This software monitors incoming and outgoing traffic, blocking suspicious activities and preventing unauthorized access.
Backup & Recovery Software: Essential for automating data backup processes and restoring data in case of any loss or corruption.
Monitoring & Analytics Tools: These help in keeping an eye on the health and performance of your network and storage systems. They can alert you to potential issues before they become critical problems.
Understanding these fundamental components provides a foundation upon which a tailored solution can be built. While specific brands, models, and software choices might differ based on budget and requirements, the core idea remains the same: to create a robust, secure, and efficient environment where data flows smoothly and is stored securely.
The Storage
QNAP is a well-regarded brand in the Network Attached Storage (NAS) industry. Over the years, they’ve built a reputation for producing versatile and user-friendly NAS solutions suitable for a range of applications, from home media centers to business data storage solutions.
I have implemented a few QNAP systems for customers in retail, construction, engineering, and medical practice.
- User-Friendly Interface:
QTS Operating System: QNAP’s NAS devices run on their QTS operating system, which provides an intuitive and visually appealing user interface. This makes tasks like file management, system monitoring, and application management straightforward, even for users without extensive technical knowledge.
- Versatility:
Snapshots: One of the standout features of QNAP NAS is the ability to take snapshots of the system. These snapshots capture the system state and data at specific points in time, allowing for easy recovery in case of accidental deletions or system malfunctions.
RAID Support: QNAP devices support various RAID configurations, providing a balance between performance, storage capacity, and data redundancy. Very easy to configure.
NVMe SSD Caching: QNAP systems allow the addition of NVMe SSDs to be used as cache. This significantly boosts the performance of the system, especially for frequently accessed data.
- Extensive Backup Options:
Hybrid Backup Sync: QNAP’s solution for comprehensive data backup, synchronization, and recovery. It supports local, remote, and cloud-based backups, ensuring data safety across multiple locations and platforms. Love it.
Remote Replication: For businesses with multiple locations or for those wanting offsite backups, QNAP allows for real-time or scheduled data replication to other QNAP systems or FTP servers. This is particularly interesting if you want to mix different platforms.
- Seamless File Access and Synchronization:
QSync: A key feature that allows users to access and synchronize files across multiple devices easily. Any changes made to files are instantly updated across all linked devices, ensuring consistency and up-to-date data. It allows multiple conflict resolution policies and the definition of space usage with mixed policies. This is super valuable if I am dealing with customers with different laptop storage availability – we can decide what stays on the server and what is synchronized at the file/folder level.
myQNAPcloud: Offers secure remote access to your QNAP NAS from anywhere, ensuring that users can always reach their data when needed.
- Expandability and Integration:
App Center: QNAP NAS devices come with an App Center that offers various applications to enhance functionality. Whether it’s media streaming, virtualization, surveillance, or content management, there’s likely an app for it. I will write about how great this can be for some content developers in a future article (vs a Linux machine, it’s so much simpler for a less technical individual).
- Security:
Integrated Security Features: QNAP systems come with integrated antivirus, IP blocking, 2-step verification, and encrypted access to ensure data safety. It does a fairly good job keeping idiots away. But make no mistake – running AV software on a large volume takes a long time – these are not CPU powerful machines – we are on a budget.
VPN & Private Cloud: With QNAP, you can set up a secure private cloud or use it as a VPN server/client for encrypted remote access. I had a customer using this for a while and it was quite handy and simple to set up. Not anymore, but worth mentioning.
- Multimedia and Streaming:
QNAP isn’t just for businesses; many users appreciate its capabilities as a home media server. With applications like Plex, it becomes a powerful multimedia hub.
And I will also tell you a small secret – QNAP NAS units come with low memory and their specifications (on these small models) mention a low memory limit – but I have used them with double their specification limits with no trouble. I have a customer running a 6-year-old TS-453 with 16Gb – it’s not supposed to support more than 8Gb. It does give it a lot more room, both for file caching and for running any app on the server, if needed.
Main Server
My budget choice is the QNAP TS-464, a compact 4-bay NAS designed to cater to the diverse needs of Small and Medium-sized Businesses (SMBs).
Why is it the perfect budget choice for SMBs:
High-Speed Connectivity: The TS-464 is equipped with 2.5GbE networking capabilities. With the increasing prevalence of 2.5GbE in switches, motherboards, and laptops, this NAS ensures fast data transfer speeds, delivering up to 589 MB/s, which is comparable to a single-port 10GbE NAS.
Good Processor: It has an Intel® Celeron® N5095 quad-core processor that can burst up to 2.9 GHz. This ensures optimized performance for various tasks.
Enhanced Encryption: The built-in Intel® AES-NI 256 hardware-accelerated encryption ensures data security without compromising system performance.
Expandable Storage: The TS-464 supports a storage capacity of up to 66 TB. Additionally, by connecting to a QNAP storage expansion unit, you can further expand the storage, catering to growing business needs.
M.2 SSD and PCIe Expansion: The NAS comes with two M.2 PCIe Gen 3 slots, allowing for faster data access with NVMe SSD or enhancing AI capabilities with Edge TPU.
Backup and Data Protection: With features like snapshots, Qsync, and various backup solutions, the TS-464 ensures data protection and easy recovery.
Surveillance Capabilities: It offers a professional surveillance solution, compatible with over 6,000 IP cameras from 190+ brands.
Virtualization: The TS-464 supports multiple virtual machines and containers, allowing businesses to deploy diverse applications efficiently.
Enhanced Cybersecurity: Comprehensive privilege settings, along with various security apps, ensure the NAS is protected against potential threats.
Drive Health Monitoring: Tools like S.M.A.R.T., bad block scanning, and Seagate® IronWolf™ Health Management ensure the long-term health and reliability of the hard drives.
The QNAP TS-464 is a multifaceted device that can handle a wide range of tasks, making it a valuable asset for any SMB. Its features are tailored to meet both the basic and advanced needs of businesses, ensuring efficiency, security, and scalability.
How much does it cost?
In Canada, the TS-464 costs (Aug 2023) around $750 CAD. If you add 4x 4TB HDD (Seagate or WD), each costing around $110 CAD, you will add $440 CAD more.
We will also add a 1TB NVMe SSD from Samsung (980 Pro) for $110 CAD.
TOTAL MAIN SERVER COST: $1300 CAD
Backup Server
Implementing a remote backup strategy using QNAP’s tools and hardware, with the main server in the office and a smaller unit, like the TS-133 NAS, in a remote location, offers a cost-effective yet robust solution for data protection. This setup is an example of achieving enterprise-grade data resilience without the high-end price tag. Let’s investigate how this solution works and why it’s a great value:
- The Importance of Remote Backups:
Protection from Local Disasters: Natural disasters, fires, theft, or even simple hardware malfunctions can compromise data stored at the primary location. By having a remote backup, you safeguard your data from such local calamities.
Data Redundancy: Storing critical data in more than one location ensures that if one site faces issues, the data remains intact and accessible from the other location.
- Setting Up the QNAP Remote Backup Solution:
Primary NAS Setup: Your main server (the primary QNAP NAS in the office) will hold all your essential data, applications, and configurations. Regular operations and data access occur on this server.
Remote NAS Setup: The TS-133, being a single-disk NAS, is a cost-effective yet reliable solution for remote backup. Located at a different site, it will store backup copies of the data from the main server.
Hybrid Backup Sync: This is QNAP’s comprehensive backup solution. Using Hybrid Backup Sync, you can set up daily backups from the main server to the TS-133. The software supports real-time, scheduled, and manual backups, giving you flexibility in deciding how and when the data gets transferred.
- How It Works:
Configuration: Using the QTS interface on the main server, you’ll navigate to the Hybrid Backup Sync application. From here, you can set up the remote TS-133 NAS as a backup destination.
Scheduling: For businesses, it’s usually best to schedule backups during off-peak hours to minimize any impact on network performance. With Hybrid Backup Sync, you can set the backup to run daily at a specific time, ensuring that the TS-133 always has the most recent data.
Data Transfer: The software ensures that only the new or changed data is transferred during each backup, making the process efficient and bandwidth-friendly.
Data Integrity Checks: Post-backup, the software can verify the integrity of the backup, ensuring that the data on the TS-133 matches the source data.
Encryption: To secure data during transfer, Hybrid Backup Sync supports data encryption, so your data is protected while in transit.
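The integrity check described above can also be done independently of the backup software. The following is an added example, not QNAP's tooling and not part of the original setup: it hashes every file on both sides with SHA-256 and reports files that are missing from the backup, differ from the source, or exist only on the backup. The folder names and file contents in demo() are constructed sample data.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path: Path, chunk_size: int = 1 << 20) -> str:
    """Hash a file in chunks so large files never need to fit in memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = Path(dirpath) / name
            manifest[full.relative_to(root).as_posix()] = sha256_file(full)
    return manifest


def compare_manifests(source: dict, backup: dict) -> dict:
    """Classify every discrepancy between the source and backup manifests."""
    src_paths, bak_paths = set(source), set(backup)
    return {
        # On the main server but absent from the backup copy.
        "missing": sorted(src_paths - bak_paths),
        # Present on both sides with different content.
        "mismatched": sorted(
            p for p in src_paths & bak_paths if source[p] != backup[p]
        ),
        # Only on the backup (deleted at the source, or unexpected).
        "extra": sorted(bak_paths - src_paths),
    }


def verify_backup(source_root: Path, backup_root: Path) -> dict:
    """Hash both trees and return the discrepancy report."""
    return compare_manifests(
        build_manifest(source_root), build_manifest(backup_root)
    )


def demo() -> dict:
    """Build two small constructed trees standing in for the two NAS shares."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "office_nas"   # hypothetical main-server share
        dst = Path(tmp) / "remote_nas"   # hypothetical backup share
        for root in (src, dst):
            (root / "projects").mkdir(parents=True)
        (src / "projects" / "plan.txt").write_text("Q3 plan v2\n")
        (dst / "projects" / "plan.txt").write_text("Q3 plan v2\n")
        (src / "invoices.csv").write_text("id,total\n1,100\n")
        (dst / "invoices.csv").write_text("id,total\n1,900\n")  # altered copy
        (src / "projects" / "new.txt").write_text("not yet backed up\n")
        (dst / "old.tmp").write_text("left over on the backup\n")
        return verify_backup(src, dst)


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(f"{kind}: {paths}")
```

Over a slow link, run build_manifest on each NAS locally and compare only the two manifests, so the check does not pull every byte of the backup across the connection.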
- Benefits of this Setup:
Cost-Effective: With the primary server handling the brunt of the operations and the TS-133 serving as a backup, you’re achieving a resilient data protection solution without the cost of high-end, multi-disk backup systems.
Simple Configuration: QNAP’s user-friendly interface ensures that setting up this backup solution is straightforward, even for those without deep technical expertise.
Peace of Mind: Knowing that your essential data is backed up in a remote location provides peace of mind and ensures business continuity in case of unexpected events at the primary location.
Leveraging the capabilities of QNAP’s NAS systems and Hybrid Backup Sync software, businesses can achieve a high-end remote backup solution on a budget. It’s proof that with the right tools and configuration, enterprise-grade resilience doesn’t always come with an enterprise-grade price tag.
How much does it cost?
In Canada, the TS-133 costs (Aug 2023) around $220 CAD. Add $110 CAD for a 4TB HDD (Seagate or WD).
TOTAL BACKUP SERVER COST: $330 CAD
The importance of an Uninterruptible Power Supply (UPS)
The importance of safeguarding servers with an Uninterruptible Power Supply (UPS) cannot be overstated. Servers are the backbone of many businesses, housing critical data and applications that ensure the smooth operation of various functions. A sudden power outage can not only disrupt these operations but also lead to data corruption, hardware damage, and significant downtime. This is where a UPS comes into play, acting as a lifeline for servers during power inconsistencies.
A UPS provides emergency power to the server when the main power source fails, ensuring that there’s no abrupt interruption. More advanced UPS systems can be directly connected to the server and configured to trigger an automatic, controlled shutdown if the power outage exceeds a specified duration. This feature is crucial because a sudden loss of power can result in incomplete transactions, data loss, and potential damage to the server’s file system. By initiating a controlled shutdown, the server can safely close processes, save data, and turn off, minimizing the risk of corruption.
Moreover, while the automatic shutdown feature is invaluable, it’s equally important for the UPS to have a robust battery buffer. The shutdown process, especially for large servers or those running multiple applications, can take some time. A substantial battery reserve ensures that the server has ample time to complete its shutdown sequence without being prematurely cut off due to the UPS battery draining. In essence, the battery buffer acts as a safety net, providing the server with the necessary window to protect its data and maintain the integrity of its systems.
Integrating a UPS with server infrastructure is a proactive measure to guard against unpredictable power disruptions. It not only ensures operational continuity but also plays a pivotal role in preserving the longevity and integrity of the server’s data and hardware components.
The APC Back-UPS Pro BR1000MS is such a UPS, and it provides around 43 mins of runtime at a 100W power consumption. That means it will have plenty of juice for not only our main server, but also the networking equipment we will pick next.
How much does it cost?
In Canada, the APC Back-UPS Pro BR1000MS costs (Aug 2023) around $270 CAD. Add $130 CAD for a smaller UPS for the backup server (as it will be remote).
TOTAL UPS COST: $400 CAD
Network Equipment
Firewall – pfSense
Time to look into the networking equipment. Starting with the firewall (or UTM), I am a fan of pfSense, a widely-used, open-source firewall and router software distribution. It is based on the FreeBSD operating system and provides a range of features suitable for both small and large organizations.
If someone tells you that you should always buy a commercial firewall, ask them about port knocking. Ask them to position pfSense in the magic quadrants and compare it to the known manufacturers – some will probably be put to shame.
If set properly, it competes with solutions that are several orders of magnitude more expensive.
Here are some key points and features about pfSense:
- History & Background:
pfSense started in 2004. Since then, it has grown in popularity and has established itself as a reliable and feature-rich solution for network security and management.
- Core Features:
Firewall: At its core, pfSense is a powerful firewall with stateful packet inspection, NAT, and support for multiple interfaces.
VPN: pfSense supports multiple VPN technologies, including IPsec, OpenVPN, L2TP, and PPTP, allowing secure remote access and site-to-site connections.
Routing: It can act as a router, supporting static routes, dynamic routing using protocols like OSPF and BGP, and multi-WAN for load balancing and failover.
Traffic Shaper: Allows for Quality of Service (QoS) configurations to prioritize certain types of traffic and ensure bandwidth is used efficiently.
Captive Portal: This feature lets administrators set up a landing page for network users, often used in public Wi-Fi networks for authentication or terms of service acceptance.
DHCP Server & Relay: Assigns IP addresses to devices on the network and can relay DHCP requests to another server.
DNS Forwarder & Resolver: Helps in domain name resolution and can also block or redirect specific domains.
Reporting & Monitoring: Provides detailed insights into network traffic, system logs, and other metrics through its dashboard and reporting tools.
High Availability: Supports configurations for failover and redundancy to ensure network uptime.
- Extensibility:
pfSense has a package system that allows users to install and manage additional applications, extending its capabilities even further. Examples include Snort (for intrusion detection), Squid (for caching and web filtering), and many others.
- Community & Support:
Being open-source, pfSense has a large and active community. This means a wealth of online resources, forums, and documentation is available for users.
- Hardware Compatibility:
pfSense can run on a wide variety of hardware platforms, from old PCs to dedicated hardware appliances. Netgate also sells hardware devices specifically optimized for pfSense.
- Licensing & Cost:
pfSense is free to use under the Apache 2.0 license. However, commercial support and some advanced features may come at a cost. I have never used any of these paid features.
- Security & Updates:
The pfSense team regularly releases updates to address security vulnerabilities, add new features, and improve system stability. It’s essential to keep the system updated for optimal security and performance.
pfSense is a versatile and comprehensive solution for those looking to set up a firewall or router without the hefty costs associated with commercial alternatives. Its open-source nature, combined with its rich feature set, makes it a favorite choice among IT professionals and hobbyists alike.
Managed Switch
Our pfSense will be connected to a managed switch, and a $90 switch is perfect. With that budget we can even get a managed PoE switch that can power our Wireless Access Point.
I have picked it in the past and will pick it again – the TP-Link TL-SG108PE is an 8-port managed switch (with 4 PoE ports that total more than 60W). It is simple to set up and it does what we want.
Wireless Access Point
Our network is almost done; we just need a Wireless Access Point. Our budget choice is the TP-Link Omada WiFi 6 AX1800. It can be powered by our PoE switch, and it is also quite simple to set up. It comes with the required fixtures to be ceiling mounted.
How much does it cost?
In Canada, we can get the Netgate 2100 (that comes with pfSense preinstalled) for $550 CAD.
The TP-Link AX1800 Wireless AP costs around $150 CAD.
The switch costs $90.
TOTAL NETWORK EQUIPMENT COST: $800 CAD
Some additional considerations
- The UPS continuously monitors your power consumption, allowing you to also monitor costs and emissions. Having emission data can be important for some certifications and government programs.
- Imagine you have a leased office with no network cabling in place and you have one or two pieces of equipment, like a big network printer, one of those that look like a tank, that need to be wired, and connecting them directly to the switch is out of the question. The easy solution? A powerline adapter. This way you can move the tank to whatever corner of your office (that has a power plug) you want. For the absurd amount of $60 CAD.
A powerline network adapter is a device that allows you to use the existing electrical wiring in your home or office as a medium to transmit network data. It offers an alternative to traditional Ethernet cabling or Wi-Fi by providing a wired network connection using power outlets. Here’s how it works and its key features:
Pair of Adapters: Powerline networking typically requires at least two adapters. One adapter is connected to your router and plugged into an electrical outlet. The second adapter is plugged into an outlet near the device you want to connect, such as a computer, printer, etc. The connections are made with an Ethernet cable.
Data Transmission: The adapter connected to the router converts the network data into a signal that can be carried over your home’s electrical wiring. The second adapter then decodes this signal back into network data and delivers it to the connected device via an Ethernet cable.
Conclusion
Ensuring efficient, secure, and scalable data and network infrastructure is paramount for any organization. For startups and small-to-medium businesses (SMBs) operating on tighter budgets, this can seem like a daunting task. However, the solution we’ve outlined illustrates that robust infrastructure doesn’t necessarily equate to extravagant expenses.
With an equipment investment below $3000 CAD, startups and SMBs can secure a system that can competently serve a dozen users.
Key Benefits Recap:
Cost-Effective: Achieve enterprise-level data resilience and network efficiency without the enterprise-level price tag.
Scalability: As your organization grows, this solution can evolve with you, adapting to varied purposes and increasing demands.
Full Control: Fewer vendor lock-ins, recurring cloud fees, and third-party data controls. Your data, your rules.
Versatility: Whether it’s data storage, multimedia streaming, or virtualization, the system can handle it all, making it a one-stop solution for diverse needs.
Data Redundancy and Security: With features like RAID configurations, remote backups, and robust firewall protection, ensure your data is both secure and easily recoverable.
User Satisfaction: My current users of similar configurations vouch for its efficiency, making it a tried and tested solution.
In the age of cyber threats, data breaches, and increasing digital dependency, taking control of one’s data and network infrastructure has never been more critical. Startups and SMBs should not be deterred by budget constraints. Embracing this cost-effective, reliable, and versatile solution can pave the way for a secure and efficient digital future for your organization.