Networking

NethServer 7: Major improvements make choosing this server a no-brainer for SMBs

With the significant security and networking advances in NethServer 7, Jack Wallen believes SMBs should add this budget-friendly open source server to their hardware shopping lists.

nethhero.jpg
Image: Jack Wallen

If your small business is in the market for a new server and wants to keep the costs as low as possible, you're in luck—NethServer 7 has been released, and it offers serious improvements over previous iterations. Let's examine this new take on NethServer that is billed as a server that will make sysadmin's lives easier...with the help of open source.

SEE: Tech Pro Research download: SMBs discuss current status and future adoption plans of new technologies (TechRepublic)

Built-in Samba Active Directory Controller

Out of the box, NethServer 7 can now act as a Samba Active Directory Controller—this is pretty big news. It means you can replace that aging and expensive Windows Active Directory Domain Controller and enjoy native Windows management tools like RSAT and AD PowerShell. You can also deploy group policies, and Windows workstations can seamlessly join the Active Directory domain without having to tweak the Windows registry so they can join the Samba AD.

NethServer 7 also includes the mechanism for centralized account management (aka multi-site), with support for authentication and authorization against either a local or a remote account provider such as:

  • OpenLDAP
  • Samba 4 AD Domain Controller
  • Remote Active Directory via Microsoft or Samba

Nextcloud integration

Nextcloud, an incredibly powerful, flexible, and reliable cloud server, is coming along for the NethServer 7 ride. Although Nextcloud is not installed by default, you can install it via the NethServer 7 Software Center (Figure A).

Figure A

Figure A

Installing Nextcloud on NethServer 7.

Improved certificate management

Chances are, you've had to manage an SSL certificate for one server or another. If that's the case, you know how much of a hassle that can be.

NethServer 7 has improved upon that process to make it easy to manage your certificates. You can edit the default self-signed certificate or easily upload a custom certificate purchased by an SSL provider (Figure B). That same NethServer panel allows for the requesting of certificates via Let's Encrypt.

Figure B

Figure B

Requesting a certificate via Let's Encrypt.

Improved transparent HTTPS proxy

Prior to NethServer 7, the platform made use of a Man In The Middle (MITM) feature to inspect all encrypted traffic; this has been substituted with a new transparent HTTPS proxy that sniffs out only the beginning of the connection. In other words, NethServer now only peeks at the source of the connection to discover the destination website and, if necessary, blocks it.

Other improvements that come with this include:

  • It's no longer necessary to install certificates for browsers;
  • No more untrusted certificate warnings;
  • No more sniffing incoming or outgoing sensitive information; and
  • Seamless filtering of unwanted websites for HTTP and HTTPS.

Firewall improvements

The NethServer firewall is greatly improved, with the help of deep packet inspection using nDPI. With this new feature, an administrator can create very granular firewall rules. Imagine being able to easily enforce rules such as only PC X can access website Y...without having to write complex iptables rules.

This service is not installed by default—you must go to the Software Center and then install the Basic Firewall and the Deep Packet Inspection application. Once both are installed, firewall rules are easy to create. Add a host object (such as your CEO's PC) and then create a rule around that (Figure C).

Figure C

Figure C

Firewall rule created around a new host object.

Other firewall improvements include:

  • new time conditions;
  • improved interface for traffic shaping;
  • Snort replaced with Suricata;
  • reverse proxy added; and
  • Simplified Network Service panel includes Zones and new Firewall rules.

Mail server improvements

The NethServer mail server received a number of improvements, including:

  • All users automatically have a valid email address;
  • Shared mailbox support was added (this can be used for distributed lists and/or associated with a custom mail alias);
  • Improved full-text IMAP search; and
  • Improved POP3 connector module.

The list goes on and on

The list of improvements and changes for NethServer 7 are deep—this might be the biggest update ever for the server, and the improvements are seriously impressive. To read about all of the changes, check out the NethServer 7 release notes.

If you're looking for a new small business server, you cannot go wrong with NethServer. With the massive rollout of improvements, this open source server should go a long way to serve your company. Give it a go, and see if you can't kick the proprietary competition to the curb and save some serious budget in the process.

Also see

About Jack Wallen

Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.

Editor's Picks