Pacific Islands ICT best practices (Cached)
Refresh Print

This document was updated at PacINET 2006


The purpose of this page is to make some recommendations on ICT equipment and best practices to benefit the Pacific Islands Countries and Territories.
These are only recommendations and all disclaimers apply


Table of contents



Hardware


Servers, desktops and laptops must be purchased with a 3 year minimum warranty as to match the financial depreciation period. However, this could be dependent on local support options. On site maintenance preferred.

Server

It is now recommended to have RAID arrays on servers.
It is recommended to use only well known brand names for servers unless you have the specific skills required to build a reliable clone and maintain it.

Desktop

Brand name desktops are recommended in countries where environmental conditions are harsh, unless you have the specific skills required to build a reliable clone and maintain it.

The following are minimum specifications as of August 2006:
  • Intel Pentium 4 3GHz+ or AMD Equivalent
  • 512MB of memory
  • 1024x768 24bits capable video card with PCI-Xpress if the video is not onboard
  • USB v2.0 ports
  • Network card 10/100TX (Gigabit 10/100/1000 recommended)
  • 80GB 7200rpm Hard Drive
  • DVD-ROM
  • 17" LCD Screen
  • Ergonomic keyboard to reduce wrist injuries
  • Optical mouse

The use of LCD screen is now cost effective and should be encouraged. A 15"LCD screen is nearly equivalent in size to a 17"CRT screen. The purchase cost of an LCD screen is more expensive than a CRT screen but lower energy consumption of LCD means the Total Cost (purchase and usage) is equivalent to a CRT screen. Pricing for LCD screens have declined steadily and are generally now affordable.

Laptops


  • Intel Centrino or AMD equivalent (Dual Core processors should be considered for performance increase)
  • 512MB of memory
  • 1024x768 24bits capable video card (or 800x600 depending on display resolution)
  • USB v2.0 ports
  • Network card 10/100TX
  • 40GB 5400rpm Hard Drive
  • DVD-ROM/CD-RW Combo minimum, DVD-Writer recommended
  • 15" Screen (or 12" or 14" Widescreen for ultra-portable models)
  • WiFi? WPA compliant
  • Capable of running Windows XP, Linux, BSD, Mac OS X

These specifications are for desktop type replacement laptops. Specifications may vary for added mobility.

Do keep in mind that support for Laptops is not as easily available as Desktops. Ensure you have at least some local support, or at least have the necessary contacts or means to get support for your laptop perhaps through Fiji, Australia or New Zealand. A 3 year international warranty is recommended for laptops, though not all vendors provide this as standard.

Network Equipment

Routers

Cisco Routers are most common in PICs and have good on-line support and there are a growing number of Cisco training centers in the Pacific Region. Samoa, Fiji, New Zealand, and Australia.

Switches and Hubs

Hubs should be phased out and replaced by Switches which provide better performance.
Managed Switches are appropriate for large-scale networks.
10/100 Fast Ethernet Switches are a minimum, and 10/100/1000 Gigabit Switches are recommended for Server connectivity.
You should have redundancy on critical components of your network eg. backbone switch.

Wireless

802.11g (54Mbps) is the minimum standard now. If authentication and security is required the wireless access point should support 802.1x (RADIUS) and AES and/or TKIP. WEP has poor security and should be avoided. Access Points with built-in RADIUS Servers are also available.
In many countries in the Pacific a licence is required to operate a wireless device.


Cabling

Structured Cabling should be implemented for all new installations. With recent price reductions in Category 6 components, all new installations should be Category 6 based. Patch Leads should be proper Patch Leads ie. using stranded multi-core cable, and not solid core cable. Cables should be terminated onto a Patch Panel and then patched to Switches, etc. Do not direct terminate cables and plug into a Switch except in temporary installations or for testing. Direct termination is not a reliable practice.

For fiber optic cabling, proper termination should be installed with patch cables and SC connectors should be used. Avoid ST connectors where possible as most new equipment support SC or newer connector types.

A Rack Cabinet is a good investment for security as well as aesthetics. When installing a wall-mount type, invest in a hinged back-mount kit to go with to allow easy access to the back of the cabinet.

Ensure all cables are labelled. Logically label wall outlets. Install a 2 Port Outlet at every usable work area as a minimum - this would cater for 1 voice and 1 data connection. PABX system cables should also be terminated at the Rack Cabinet to allow adds, move and changes for data and voice.

Software

It is to be noted that GNU/Linux is becoming a strong viable alternative to Microsoft Operating system. Also numerous OpenSource? software on Mircosoft are good alernative to proprietary software.

Organisation must work towards having all their software properly licensed.

GNU/Linux Platform

Distribution

The following distributions are in used in the region:


Note the availability of "on the move" distributions that fit, boots and operate from a CD (live cd) to check hardware compatibility. The hard drive is not modified at all.

Applications

Clients

Gimp
Image-Photo editor
Scribus
Scribus is a Page Layout program for GNU/Linux®, similar to Adobe® PageMaker?, QuarkXPress or Adobe® InDesign?, except that it is published under the GNU GPL
OpenOffice
Word processor, Spreadsheet, Presentation, Database query software compatible with MS Office
Firefox
Web Browser
Thunderbird
mail client
Evolution
mail client
Kontact
mail client and PIM solution, similar to Microsoft Outlook
Gaim
Instant Messaging
Ekiga
VoIP Conferencing software
Kphone
VoIP Client
Rhythmbox
iTune like clone
GnuCash
Personnal and small business finance system

Servers

Apache
Web server with the PHP or Perl module for scripting
Samba
File server compatible with MS platforms
Squid
Web cache/proxy
Postfix
E-mail system
MySQL
Database
PostgreSQL
Entreprise Database (commits/rollback, extensible, procedures,...)
Tikiwiki
Web based Content Management Software (CMS) with mapping feature
Bacula
Bakup software with windows agents
Nagios
Server and Network monitoring with alerts
Zentrack
Web based help desk with e-mail capability
webmin
Web based administrative interface

Microsoft Windows Platform

Operating System

Servers

Windows 2003 Server

Desktop

Windows XP for new workstations with 256Mb of RAM or greater

Office

Microsoft Office 2003 or OpenOffice? 2.0 is the recommended application suite.

Internet

Firefox and Thunderbird are a web browser and mail client which are less prone to security vulnerabilities while providing TAB browsing and other anti-pop-up features.
Opera is also an alternative with fast browsing and widely used with tabbed browsing and anti-popup, amongst other features (including built-in mail client and newsreader).

Publishing

Adobe In-Design?
OpenOffice? includes a basic Publishing package and can export to PDF.
Adobe Acrobat to generate PDF

Finance

Microsoft Money for personnal finance
Web-ERP or SunSystems? for corporate finance

Library

Koha is one of the most common library system being widely used. Some CROP are already using it. Koha

GIS

MapInfo? for vector mapping
MapInfo? is the GIS software, which is implemented in the majority of all Pacific Island Countries. The software fulfills 90% of all requirements for medium size GIS units and can be customized through MapBasic?. Additional software products will split the resources of especially small island states.
ERDAS for raster mapping

Some OpenSource? software are becoming interesting for simple use. The following software should be evaluated for some applications: QGIS, GRASS, uDIG, OGR/GDAL set of utilities

Mapserver can be used to publish maps on the web.

Web based

A lot of software now are web based using the Ajax technology for better user experience. They are usually compatible with Apache, PHP and MySQL on either a Linux or Windows server. Their advantage is to not require powerful clients to operate, but simple web browsers.

Web Design

A Content Management System (CMS) is strongly recommended for any web site, several systems exists but the most popular are Tikiwiki, Drupal, Mambo or Plone. Tikiwiki is deployed today in 9 Pacific Islands as part of giving 14 Pacific Islands access to mapping servers.

Communications


PBX

Generally speaking there are three options here: Software IP PBX, Hardware IP PBX and Hybrid/Traditional Vendor Solutions.

Software IP PBX

These are typically a Linux-based system which provide PBX functionality and through the use of various types of Interface Cards allow connection to Analogue Trunk, ISDN Trunks, Analogue handsets, IP Hardphones, IP Softphones, etc. Examples are Asterisk, FreeSwitch, SipX. Visit this page for some other options. Generally to install a Software IP PBX requires a good knowledge of Linux as well as telephony parameters, particularly when interfacing to the PSTN. Support options may be limited in some respects but mailing lists and forums are generally available. Typically functions such as Voicemail, Voicemail to email and Auto-attendants are standard features.

Hardware IP PBX

These are a "black-box" implementation of (typically) a software IP PBX. The manufacturer would typically built a box around a Linux core and provide relevant interfaces on-board. The unit is usually configured and managed using a Web Browser, and is more suited to someone who does not want to spend time (or have the necessary background) building their own solution. Vendor support options are also generally available. Examples are Planet IPX-2000, Zultys MX-250, Linksys Voice System 9000. Typically functions such as Voicemail, Voicemail to email and Auto-attendants are standard features.

Hybrid or Traditional Vendor Solutions

These are solutions from traditional telephone manufacturers who have moved to an IP core and and provide traditional PBX functionality together with IP features. Examples are Siemens, Avaya, Mitel. Do note that these typically have per user fee-based licensing models for IP support. Voicemail and Auto-attendant functionality typically come at a cost.


VoIP Gateways

These are essentially an interface between the PSTN and VoIP world. They typically come with FXO (lines) or FXS (handset) ports and can be connected to an existing PBX to provide VoIP to another similarly configured site. Examples are Planet VIP-450, OKI BV1260

Softphones

Generic

Generic Softphones are those which can be typically used with any Provider supporting open standards (or with IP PBX's). These include Ekiga, Xten (now called CounterPath), KPhone. Visit voip-info.org IP Phones page for more options.

Proprietary (or Provider Locked)

These are service providers who have free member to member calling, and some have paid options to call PSTN numbers. Examples are Skype, Gizmo

Hardphones

These are designed to look (and function) like traditional telephone handsets and generally have a good feature set. Some models are also available with an Analogue Trunk port allowing connection to the PSTN as well as an IP PBX (or VoIP Service Provider). Examples are Planet VIP-153M, VIP-153PT and VIP-153T, Linksys SPA941, Grandstream BudgeTone BT101

ATA

Analogue Telephone Adapters allow the connection of a standard analogue telephone to an IP PBX or VoIP service. Examples are Planet VIP-156, Zyxel P-2002

WiFi SIP Phones

These are SIP Phones running over wireless networks, giving "cordless portability" over a wireless coverage area. Examples are Planet VIP-190, Zyxel P-2000W


Fax

Dedicated Fax Machines

Laser-based Fax Machines have decreased in price significantly over the last couple of years and are now affordable alternatives to the thermal and inkjet based printers. Thermal Fax Machines should be avoided as the printout lifetime is poor. Inkjet printers have high operating costs. Laser Fax Machines (available for < USD 500) have economical operating costs (ie. cost of toner) and higher duty cylcles. Examples are OKI OF-4580 - mid-range, Brother FAX-2820 - entry-level.

Fax Servers



Best Practices

Equipment Procurement

The ICT manager should approve the selection of any ICT related hardware or software as to streamline resources for support of such equipment.

Equipment disposal

Be environmentally mindful as components may include toxic parts.

Backup

  • CA Brightstor
  • Veritas Backup exec
  • NovaStor Instant Backup
  • Bacula on Linux seems a good alternative and can back up remotely Microsoft machines.

Backups should be offsite as well as in other various secure locations.

Environment

ICT equipment can be installed in harsh environment and they should be properly protected with UPS and in a temperate room, however keeping them running all day may protect them from dust and corosion. In all case keeping the temperature constant is important.
It is important to do maintenance on the server and remove dust every month from the insde of the computer to avoid build-up of dust and moisture. Most warranty is void if there is any sign of corrosion.

Security

  • it is recommended to have a emergency recovery plan in place.
  • it is recommended to have a software security upgrade policy in place.
  • It is recommended to subscribe to any vendor bulletins about security releases on software and hardware acquired

UPS Systems

UPS Systems are essential for continuity of service and protection of equipment. An On-line Double Conversion type UPS with harmonic filtering is best suited for poor power quality areas (applicable to most PICs), but is expensive compared to Line-interactive or Stand-by types. Brand-names with local Pacific Islands representation and support are MGE UPS, APC, Powerware

Firewalls

A Linux-based Firewall can be cost-effective and easily managed with webmin. Shorewall is a good candidate. ISA for Microsoft applications. Firewalls especially on laptops should be active at all times (MS-built in, Kerio, and ZoneAlarm). When traveling laptops if connected to "home" networks should be connected through secure channels. An anti spybot software is also recommended on laptops.

Anti-virus

Use server based Anti-virus scanners to scan all incoming mail. Install on Workstations also to provide additional layer of protection and for mobile users. See the Virus Bulletin site http://www.virusbtn.com for recommended list. Product names to consider: NOD32, McAfee?, Norton, Trend, Grisoft for Microsoft. ClamAV, Messagewall for Unix applications, and Netbarrier for OS X.

Update management protocols should be in place to insure proper virus signature updates. Cached signatures are good for saving bandwith.

Incoming e-mails with the following attachments are known to cause problems and can be blocked should the local situation allow it.
  • hta|com|pif|vbs|vbe|js|jse|exe|bat|bak|cmd|pps|vxd|scr|chm|lnk|eml|swf|mso|zip|rar|ace|cpl

Awareness

Educating computer users is an integral part of reducing the impact of exploits,
especially 'social engineering' attacks, such as phishing. PICISOC members recently
created this advisory on phishing attacks:

Identity Theft - phishing attacks on the rise

Monitoring

Nagios or Ntop on Linux is a simple but comprehensive system to monitor services and machine availability
Iptraf (Linux) and Ethereal are good packet analyser tools running on Linux and Windows.

Contributors to this page: Franck7385 points  , zakaio1148 points  , dmcgarry6 points  , stclair5 points  , wolf408 points  , rajnesh5132 points  , phillh and m@tt125 points  .
Page last modified on Sunday 19 of August, 2007 18:49:32 PDT by Franck7385 points .

PICISOC Menu

Last blog posts

Last changes

Online users

65 online users

Last articles