• Level 2, 194 Varsity Parade, Varsity Lakes, Gold Coast

Posts By :

Madtech Computers

MadBLOG 10-10-18

Stay smart online week 8-10 October.

One of the easiest ways to stay safe online is to keep your software updated.

It’s too easy to skip the update now button when it pops up on your phone or your computer, but just taking some time to update your phone, your computer or your apps helps plug security holes in them.  It also helps add new features, and fix any bugs that cause them to crash or not work properly.

If you install updates as soon as they appear it reduces the amount of time hackers have to compromise your system.

A way to stay safe online is to make updating software a priority.  Set the time aside to update the software on your pc periodically.  Or you can even set your pc or phone to do it automatically.  Of course it can cause some software instability to install software patches that aren’t thoroughly tested but I estimate this to be between 1-5% of updates can cause system crashes or instability.

The benefits outweigh the risks of patching software.  This coupled with data backups, bare-metal recovery system disks and restore points all help.  Especially if your updates are done frequently, you may only need to do your quarterly MS updates and any 3rd party software updates, which may only be one or two at a time.

Staff Monitoring Software

Qustudio

https://www.qustodio.com/en/business/

https://www.qustodio.com/en/business/plans-and-pricing-for-business/

Pricing breakdown:

$9.95 USD for 5 devices per month
Staff monitoring software requirements:

Time spent in Outlook? Yes it does monitor applications used.

What websites are being accessed?  Yes

What websites in incognito mode? On Windows and Mac, Qustodio monitors and filters incognito browsing just as well as regular browsing and there is no special setting to activate for this to happen

Time spent in websites?

Screenshots of websites? Yes it takes screenshots of websites visited

Time spent in different applications including Word, Photoshop? Yes it does monitor applications used.

Considerations:

Often people will leave a program open but not actively using it, including Outlook.  I personally leave outlook open in one monitor but go back to it to write or reply to an email?

Utilise the trial period first for testing purposes.  If happy, then purchase the license after testing for 30 days.

Can customise the configuration prior to install so can on board to device quickly.

If application monitoring doesn’t work, try disabling any security suites or anti-virus.

No phone support, only email support.

Supported platforms:

Windows            (Windows 7 and up)

Mac       (Mac OS 10.8 onwards)

iOS         (iOS 7 onwards)

Android (4.0 and onwards)

Telstra VDL Ethernet connection speed increase

Another client we have is currently running “business grade Ethernet” from Exetel, who I think resell an AAPT Internet connection. Despite paying for a 14/14 Mbps connection, with 20+ users running 1-2 devices + a VOIP phone they were constantly exceeding bandwidth and experiencing slowdowns, loss of internet, dropping phone calls etc.

A lot of this was also due to the fact that the ISP was really only providing a 10/10 connection, not a 14/14 as per contract. When disputed with the provider, the line was; we provide UP TO 14/14 connection.

So after negotiations with Telstra representatives, they client chose to upgrade to a fibre to the premises 50/50 Ethernet VDL internet upgrade.

First Telstra sent someone to do a site survey, including could they run fibre cabling from the ground floor up to the second floor including through 2 x concrete slabs. There was no conduit left to run cabling through, so holes had to be cut through the slab.  This cost was passed onto the client as part of the installation costs.

Once the site survey was complete, the client met with the Telstra account manager, and they agreed on a contract and costings.  For a 50/50 MB connection, the cost would be $850 per month excluding GST.

Once the contract was signed, Telstra sent cable technicians who ran the fibre cable to the clients network cabinet.  Another engineer then installed a Cisco basement switch in the rack.  A connection date was then  provided by the account manager, and I was booked in by the client to be on site that date.

We then sent a technician to the site to configure the WAN connection.  Unfortunately, the WAN connection was DOWN when configured, so the MTC engineer contacted Telstra to report the fault.  Telstra reported that the connection hadn’t been provisioned (activated) yet.

So, the connection was provisioned about a week later, so we went back to site to configure the WAN connection on the router.  The router they were using was a Netgear FVS 336 v3.  This is a dual-WAN Gigabit router.  We left WAN connection 1 as the existing Exetel ISP connection, and configured WAN 2 as the new connection.  We first left WAN type as auto-sense, and shaped the WAN up/down speeds as 50 MB / 50 MB.  We then added the IP address (external), subnet mask, and Telstra DNS settings.

Once done, and the WAN state was showing as up, I made the WAN 2 connection active.  We then commenced speed tests, and the results were disappointing.  We were getting 35 MB Down, and about 25 MB up.  I contacted Telstra Business Internet support, and we tweaked the WAN settings; in particular changed the traffic shaping from 50/50 to 100/100.  I also changed the WAN connection type from auto sense to 1000 Base T-Full duplex.  With this we got the speeds up to 40/30.  This is a speed test from a laptop over a wireless connection, obviously inside the LAN.  All of the router configuration was currently being done remotely with external access to the router.  We were then contacting the clients office if we needed to warn of any router restarts or dropouts.

Now Telstra Level 2 technicians requested we go to site to perform isolation tests.  We went back to site, switched the router active WAN back to WAN 1 the original ISP which was still active.  This was a slower speed, but at least the users could still work while I configured the WAN 2 connection.  For this, i removed the Ethernet cable from WAN 2 on the router back to the Ethernet port on my laptop.  I then set the IP address, gateway, subnet mask, and DNS on the Ethernet adaptor on the PC connected directly to the Telstra basement switch.  I then performed an group of 5 speed tests so I could get an average.

The average speed I got after performing the isolation test was 48 MB down / 36 MB up.  Telstra said this was an acceptable speed, which we then  disputed with the account manager, who had promised a minimum speed of 48/48 MB.  On top of this, the contract came through from Telstra which said the speed we requested was 100 MB/100 MB, at a cost of $1100 ex gst per month, a $350 per month ex GST increase!

So we are currently disputing this with Telstra obviously.  The L2 engineer recommended to me to upgrade the router, which I refused.  This would be a significant cost to the client, approximately $800 – $1000, and no guarantee it would resolve the issue.  If they were not shaping the last Mbps of the upload, then we would get closer to 45-50 Mbps upload speed, which would be acceptable.

 

VOIP Phone system project

Another client was running an old Fortinet Talk switch VOIP phone system.  We had been supporting the old voip system for the client for the last 6 years, and had recommended a replacement phone system, but the recommendation wasn’t followed due to lack of funding.  We were constantly fixing issues with holiday scheduling (when the phone diverts to voicemail on designated holidays and out of office hours), and general communication between the phone system and the Netgear router.  Communication between the phone system and router was only fixed by restarting both the router and the talk switch remotely.

Now the Talkswitch finally stopped working all together so the client had no alternative but to upgrade the phone system.  MadTECH Computers Business IT Support had preempted this by earlier finding a cloud-based PBX supplier, and doing the due diligence on the different suppliers.

Now a cloud-based PBX account is more expensive than a normal VOIP account.  Edgetel, the cloud based PBX provider we chose, these are their cost estimates (excluding GST):

$55 port change per number

$8 per line per month

$8 per number per month

$4 per extension per month

$1 per voicemail mailbox

.15c per minute to mobile

.08c per minute to any Australian landline

With the per line charge, this means how many concurrent calls you expect.  Say if you are expecting 10 x staff to be on the phone at once, you will require 10 x lines.  If you go over your subscription, they will overflow the calls to extra lines for you at no extra charge.  Only if you regularly overflow will they suggest you add more lines to your subscription.

Edgetel provide intuitive browser based access to all of the phone system functions.  They also have excellent support available if you need help configuring any of the options.  We are using the existing handsets so there is no extra cost to the client in purchasing extra hardware.  We can upgrade the phones later as they require, if they want to upgrade or need extra functionality, including wireless headsets, or wireless phones (if there is a new desk with no data ports available).

The only problem we have run into so far is the amount of time it takes to port a number from one voip provider to another, especially if they have to apply to their upstream provider also. It can take anything from 5-10 business days for a port to go through.  It is one of those projects that requires constant checking on the provider to make sure they have processed the application and sent to their upstream provider, and that they have checked that their upstream provider has received the application and is processing it OK.

We will add further to this blog once the project is completed.

Case study, phone and internet outage # 1

s job we had last week was for a phone and internet outage for a small branch of a large carpet company. The problem was that the internet service provider is a third tier supplier, so that we have to log the job with them, who then log the job with the upstream provider, who send the technician out.
Because the store had 3 x VOIP phones, we had to setup call the provider and ask them to put a diversion in place so no calls were dropped. A staff member then purchased a Wi-Fi hotspot so the pc’s could connect to the internet and RDP to the server at head branch to run the custom software and check stock levels, send cut sheets to the factory floor and other similar tasks.
The ISP technicians came three times over the next week to resolve the issue, and none were able to. They would test to the MDF at the back of the building and would test OK. They would then test from the MDF to the clients frame inside their own tenancy and the pair would test OK to there.
I would monitor the up-time of client’s connection to the internet remotely, and would see them drop out not long after then technician left. I would then call the supplier, and they would log another fault with the upstream provider who would then book a technician within the next 24-48 hours, all very frustrating for the client.
The Internet Service Provider would claim that the fault laid within the building past the demarcation point, which meant not the responsibility of theirs, it was the fault of the clients cabling within the building.
I then contracted a cable technician to check the cabling from the back of the building to the front where the shop is. He tested the line and reported OK, but did report a fault on the line outside of the building. That along with the fact that one of the technicians from Telstra had put tags on the lines saying that they tested fine at both ends. The speed at the point where the ADSL came into the building was very low 1-2 Mbps, so we thought that the issue was outside.
With the last technician booked for a Thursday afternoon, we were surprised to see the internet start working all by itself. So far it has been stable for 6 days, whereas previously it couldn’t stay stable for more than a few hours. My assumption is the technician that was sent to site went to the nearest exchange first and tested the line there and found some faults between the client address back to the exchange, and were able to diagnose and fix the fault OK.

 

Veeam backups fail on install on Windows Server 2012 R2

After downloading Veeam Agent for Windows, you extract and run the installation, you are left with the following programs that are installed:

  • Configure backup
  • File level restore
  • Volume restore
  • Create recovery media
  • Veeam Agent for Microsoft Windows

Veeam program components

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

When you first go to configure backups, you end up with the following error:

Veeam error

 

 

 

 

 

 

 

The problem here is the program has problems creating the database the first tim eit runs.  This is fixed easily by doing the following:

  1. Open registry editor (regedit)
  2. File>Export.  Backup a copy of the registry somewhere before making changes to the registry.
  3. Browse to the following key in the registry:
  4. HKLM (Hotkey Local Machine\SOFTWARE\Veeam\Veeam Endpoint backup
  5. From there, create the key; or, if the program has already been started, there should be a key there called RecreateDatabase.  It is a DWORD 32-bit in case you have to create a new one.
  6. Right-click, modify, change the value data from 0 to 1.
  7. After this, go to services, and search for Veeam Agent for Microsoft service, right click, then restart.
  8. Open configure backup and this time it will take you through to the dashboard where you can finish setting up the backups and run your first full backup set.

The solution was originally found here: https://forums.veeam.com/veeam-agent-for-windows-f33/agent-for-windows-invalid-job-configuration-t48600.html

Thanks Mike reseller!

 

No sub-folders in Outlook (Office 365 version)

Office 2016

If you experience the issue where you click on the arrow net to a main folder and the sub folders don’t populate, I fixed it recently like this:

First close outlook.

Windows search, and then type in Run (when working remotely), or if at the PC, just press the Windows Key + R.

Enter the command outlook.exe /resetnavpane

Press enter, then restart Outlook and you should find your sub folders and their contacts display correctly.

 

New Backup strategy

In the past MTC MadTECH Computers has used SOS Cloud storage for the offsite storage of client’s critical data.  In layman’s terms, offsite storage of your company’s critical data means there is a copy of that data stored away from your physical business address.  This is to make sure there is a safe copy of the data in another location.  This is to combat fire, theft or any other disaster that may occur.

In trying to come up with ways to improve MadTECH Computers service, I have decided to do the backups a new way.  What I am proposing is a weekly/fortnightly site visit of the backup clients.  I will replace the onsite backup drive with a new drive.  While onsite, I can also check with staff / I.T point of contact and see if there is any outstanding IT issues.

What I am finding, with the remote support I provide, while it is handy and quick and convenient, I am missing out on the “touching base” component.  It is a lot better dealing with people face to face.  At the moment it may be weeks before I go onsite to visit clients, even though we may speak daily over the phone.  This will pause over the Commonwealth Games Gold Coast 2018, but only while there is transport issues and road closures.  The backups will still occur regardless, as will the testing and reporting.

There will be a fireproof safe installed at the MadTECH workshop.  We have CCTV cameras there, as well as sensor alarms and sensor lights also.  All second drives will be kept in the fire proof safe whilst not being used.

An improvement on the existing service is that we will now offer more storage space.  Instead of just backing up the critical folders, which requires updates from your staff about what is and isn’t critical, we will back up the entire data set.  I can also touch base with staff, and confirm they are saving company data to network drives.  The entire server will be backed up to the external drive, which will be swapped so there is offsite storage of all company data in a secure location.

If there is staff that require storing data to individual machines, we can cater for this easily.  For example, say Mr. Johns the Director has to save all his work to the desktop of his laptop, when we do the site visit, we swap the external hard drive on the server, and then visit Mr. Johns desk and backup all of his data on the laptop as well.

Once the drives are swapped, we then either work on the server onsite, or remotely.  We then browse the backup set on the backup drive and test the backups to make sure they are all intact.

We will keep the backup costs the same for now, and trial it and see how it goes.  There will be a cost for new hard drives, which will be minimal.  It is important to get good external drives that are both the same.  That way we can leave the power pack at the network cabinet, and unplug one drive, and plug in the new one.  I’m probably going with LaCie Rugged drives and will send out quotes for these this week, so please check and approve when happy, and we will invoice and order on receipt of remittance (same for all hardware purchases).  See end of this post for LaCie Rugged Specifications and review.

For those clients that already have an external drive, we will need to add a second drive so we may rotate the drives for offsite storage.

Another advantage of this new backup strategy is that the backups will be a lot faster.  With the slow internet issues a lot of you are experiencing in Australia, it was always a pain for us logging onto the server and starting the upload of the backup at 5pm, and pausing again at 7am.  The backup software does have a schedule function but especially with the Mac version it was unreliable and manually working the program was the only way for it to work.

With the new backups, there will be no bandwidth hogging of the backups being uploaded to cloud storage.  This will help with the internet speed.  All backups were scheduled for running outside business hours, but now with no uploading, it will help reduce internet download limits, which may help reduce your costs.

There are clients that are using cloud storage for company data.  This may be with Dropbox, Google Drive, or One Drive.  Users must beware of the syncing of data across devices.  Some users in the past have removed data from their local Google Drive folder on their PC, and it has been removed from their cloud account also.

Another problem with Google drive is when the data is linked to an account which is then closed before transfer to another account user.  I think Google can recover data from a closed account up to 30 days only.

Another threat is ransomware, which encrypts data on PC’s AND external hard drives, and smart ransomware can encrypt data on cloud storage too.  Cloud storage is not a magical bulletproof solution to ransomware.  Crypto locker can infect Google drive.  If files on a computer are infected by ransomware, they will synch to Google Drive and corrupt both versions.  It can then spread to all shared files and folders.

For all the reasons above MTC MadTECH Computers recommends backing up company data stored on cloud storage as well.

 

LaCie Rugged Review and pricing:

The reason we recommend LaCie Rugged Storage for external Drive is that the drives are shockproof, drop resistant, rain and pressure resistant.  It can be run over by a one-ton car and still work.

The connections available with the LaCie are USB 3.0, backwards compatible with USB 2.0.

There is an automatic backup function available for PC and MAC also.

It is powered via USB also so there is no need for external power packs.

Manufacturer’s warranty is 1 year.

The 1TB LaCie is $144 including GST.

https://www.jbhifi.com.au/computers-tablets/all-computers–tablets/lacie/lacie-rugged-mini-1tb-portable-hard-drive/851011/

Automated task for restarting a server out of hours

In some instances, you may need to restart your server unattended out of hours.  Servers are normally fine to be kept running for long periods of time, but in some instances, restarts are recommended for several reasons:

  1. Windows updates are pending, and the server requires restarting to install them.
  2. Third party programs (e.g. Shadow Protect) requires re-installing and configuration that asks for the server to be re-started.
  3. With some SQL backups, memory space becomes an issue.  As part of my role performing Office IT support, I recently encountered an error with SQLBak not being able to backup SQL databases to Google drive.  The error message was:

Failed to backup “xxxx” database with “Full” backup type: Database xxxx cannot be opened due to inaccessible files or insufficient memory or disk space. See the SQL Server errorlog for details. BACKUP DATABASE is terminating abnormally.

Consulting my previous helpdesk tickets with the same error, i was able to resolve the issue by restarting the server, after             I diagnosed the error as low memory space (the cloud backup account still had 12 GB free space).

Any good cloud computing or Managed Services Company will prefer to restart any server out of production hours so as not to disrupt any users logged on to the server or using any files stored on the server.

To create an automated task to restart the server at say 9 pm, I would follow these steps:

  1. Open Task Scheduler:

Managed Services image 1

2. Right click and choose create basic task.

Managed Services image 2

 

3.  Enter task name and description and click on next.

4.   Select a schedule.  For this server restart, I recommend one off, and then just activate the task next time you need an                     out of hours restart scheduled.

Managed Services Gold Coast image 3

 

5.     Select ” Start a Program” then “Next”.  Then Type “powershell” and for the arguments type “restart-computer” or                          “restart-computer -force” then click on “next”.

Managed Services image 4

 

Click on finish and the task is complete.  Don’t forget to check in the morning before the office opens that the server is back online.

Book your FREE I.T. Audit

MTC offers a completely free, no strings attached I.T. Audit. We can come to your office, discuss any on-going issues, review your current infrastructure, and help build a road map going forward.

Call us now on 1300 584 024 or fill out the form to book your FREE I.T. audit: