What are the IT needs of most small Italian businesses? A reliable email server offering functional and ample mailboxes, one or more on-premises shares to share files and backups, a firewall/gateway for external connections with VPNs, a good level of protection against viruses, a backup system (online too) and basic collaboration tools for the employees.

Sure this brief introduction brought to your minds many software and appliances capable of satisfying one or more of these needs, but you’ll probably experience some difficulties in finding a single product that does all of that. ClearOS is an Open Source project based on Linux that offers almost all of these features and can be managed by a well organized, functional and handy Web interface without using a command line. Even if it’s an Open Source project, fortunately ClearOS has a company behind it (ClearCenter) that is not limited in the development and updating process, but also offers a wide marketplace with maintenance services, antivirus updates and additional features available exclusively through commercial packages.

2016 02 01 114313

ClearOS is a Linux distro based on Centos available both as a free version (Community) and as Business version (starting at 9$/mo with the basic package). Both include a marketplace to add features and services with a monthly fee or a one-time payment, according to the product.

The first good news -in particular for those coming from the Windows world- is that installing and configuring ClearOS doesn’t require a command line and, in general, the use of this tool to manage the system is not needed. All you need is the Web interface which is certainly well organized, despite not being translated into Italian, yet it allows even an unskilled sysadmin to be quickly operational.

System requirements are really at a bare minimum: they start from at least 1 GByte of RAM and 10GBtye of disk space and whichever 32 or 64 bits processor. A single core system with 4GByte of RAM is enough to manage 25 users, above 250 users the recommended configuration is multicore and multiprocessor with 32GByte of RAM.

ClearOS benefits from the same excellent hardware support of CentOS/Red Hat, and the use of a RAID system (including Linux mdraid) is recommended for a physical configuration. We have tested it with a virtualization system (VMware vSphere 5.5), and naturally it runs flawlessly. In this way we can leverage all the advantages of a virtual architecture without worrying about the identification of the underlying physical hardware.

ClearOS can also act as a firewall/gateway: this configuration requires the use of two network cards. ClearCenter also sells two appliances called ClearBOX equipped with a preinstalled software. The ClearBOX 100 series spans from 1,200 to 1,600$ and suits companies with 10-25 employees, while the 300 series starts from 1,689$ and also is available in a cluster configuration. The more hardware-advanced series 500 and 700 are shown on the website but they aren’t available yet. Any sysadmin with a little hardware experience will have no troubles in installing and managing ClearOS even with those cheaper servers and more easily available in Italy than the ones sold by the American company, especially considering that the CentOS/Red Hat hardware support is particularly widespread.

2016 02 01 115228

Regarding the gateway, ClearOS includes a stateful firewall, an IPS (Snort) and several VPN connection options: IPSEC, OpenVPN and PPTP VPN. In general, the configuration of these components is easy and is completely carried out with the Web interface. For instance, with OpenVPN each user (after being authorized from the control panel) can login with his/her own password and download certificates and precompiled configuration files.

ClearOS also offers a Dynamic DNS feature, thus allowing itself to be used with networks where IP address isn’t static: this feature is activated for free when registering (mandatory) the system.

The real point of strength of ClearOS is the vast assortment of additional packages that can be installed from the marketplace. Some are free, some have an annual fee. Amongst the free ones, we’d like to signal the synchronization with a Dropbox account, a bandwidth manager with traffic shaping and traffic prioritization, a custom firewall (with DMZ, MultiWAN and so forth), the DNS, DHCP, SSH and RADIUS server features, the ibVPN service (to hide the origin of the traffic while browsing the Internet), a basic content control module, an anti-phishing and antivirus system for the gateway, a proxy server (squid), an LDAP-based directory system, an FTP server, basic email features (IMAP, POP, SMTP, antispam/antivirus, Mail Retrieval), a database server based on MySQL or MariaDB, Plex and Serviio Media Server, Apache Web server, a module for PC backups based on BackupPC and many reporting modules (bandwidth, logs, networks, processes, resources, SMART, etc..). There’s stuff for every flavour, also for those who don’t want to pay and are happy with the Community version.

Amongst the paid module, we’ve find some particularly interesting ones like advanced antivirus and antispam rules (60 +60$/yr), DNSthingy to block ADS and dangerous contents and to override geographical blocked access 899$/yr), a complete category-based content filtering system (100$/yr), a plugin for the synchronization with Google Apps (100$/yr), a remote backup service (10$/yr), a weekly security audits package (25$/yr), Kaspersky Labs’ antimalware protection for gateways (200$/yr), the AppleTalk Server module to backup Mac Time Machine (10$/yr), a connector for Microsoft Active Directory (125$/yr), OwnCloud for Business (25$/yr) and the Zarafa Community (50$/yr) and Zarafa Business (70$/yr with 5 users license) for email management and addresses, calendars and contacts synchronization.

kasp

Naturally the expenses can grow rapidly by adding packages, but many packages are alternatives (for instance, the security features by ClearOS and the ones -more expensive!- by Kaspersky Labs or Zarafa Community and Business versions), and lots of features are conceived only for specific uses.

Every sysadmin can decide upon the client’s needs and the installation characteristics what products to offer. For instance, Zarafa Community includes basic email features, an alternative to the one present in ClearOS, and offers a better Web interface than the integrated one. On the other hand, Zarafa Business directly integrates with Outlook, but, in addition to being more expensive, requires the purchase of client license if using more than the 5 included licenses.

ClearOS is a project with a proven history, it was previously known as Clarkconnect, therefore it’s not the product of a startup or of a single developer, as the daily usage suggests. The number of available packages is perhaps too high and who doesn’t know that might experience some difficulties when first deciding what to activate and what to pay for. The neat and modern Web interface, coupled with a good documentation, nonetheless is a great starting point for those who want to take ClearOS into account.

ClearOS in general behaved very well in our tests, both in email management and in the more advanced tests. On a feature-only perspective, the level is lower than to other commercial products that focus on a single function (firewall, email server, etc..), still it can protect the business network when used as gateway, and it can replace Windows Server at least in a small-size company looking for a simple product to configure a few network shares.

In particular one of the features -also available in the Community version- that aroused our enthusiasm is Flexshares. Flexshares is a simple and intuitive system to configure a network share inside (with the Windows sharing protocol, Samba on Linux) and outside the walls, with Secure FTP or by a Web interface. In addition to being an interesting idea, also leveraged by several NAS systems, this solution includes a feature that is particularly interesting for the business use: the trash bin. Indeed network shares don’t have a trash bin and a single lack of attention can result in the loss of months of work, or, at least, in the loss of the last day’s work if a daily backup is available. A trash bin allows to quickly restore files and to discover who deleted them. The trash bin folder is organized by the names of people who removed files, thus offering a quick consultation or a scapegoat.

The Web interface unfortunately isn’t available in Italian at the moment (there are only English, French, Polish and Russian versions) and this is a clear limit where localization is mandatory.
ClearCenter should soon make available in the cloud a version of the product with a SaaS approach, but it wasn’t available yet when we tested it. Those who think about running it on a VPS have two options: either rely on a provider that allows the upload and usage of customized OS templates, or use the procedure here available to installClearOS inside a common CentOS machine.

About the Author

Filippo Moriggia

After more than 10 years of experience in the technical journalism with PC Professionale (the italian version of PC Magazine) and other newspapers of Mondadori group, Filippo Moriggia founded GURU advisor, the reference website for IT professionals, system integrators, cloud providers and MSPs. He has a Master of Science in Telecommunications Engineering and works as a independent consultant and contractor for different firms. His main focuses are software, virtualization, servers, cloud, networking and security. He's certified VMware VCA for Data Center Virtualization.

banner eng

fb icon evo twitter icon evo

Word of the Day

The term Edge Computing refers, when used in the cloud-based infrastructure sphere, the set of devices and technologies that allows...

>

The acronym SoC (System on Chip) describes particular integrated circuit that contain a whole system inside a single physical chip:...

>

The acronym PtP (Point-to-Point) indicates point-to-point radio links realized with wireless technologies. Differently, PtMP links connects a single source to...

>

Hold Down Timer is a technique used by network routers. When a node receives notification that another router is offline...

>

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  •  GURU advisor: issue 21 - May 2019

    GURU advisor: issue 21 - May 2019

  • GURU advisor: issue 20 - December 2018

    GURU advisor: issue 20 - December 2018

  • GURU advisor: issue 19 - July 2018

    GURU advisor: issue 19 - July 2018

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1