PC Setup Advice
This section is included entirely as a courtesy and reflects our experience in running secure PC systems (starting with CPM, then MS-DOS, Windows3.1 (awful), Win3.11 (good), W98 (terrible), Wme (awful), NT4 (dreadful BSOD specialist), XP (first OS that really worked well other than 3.11). It has no commercial value to us and is provided in the hope it will give you some pointers and ideas about how best to setup and run your PC systems. We don't say it is the only way, or even the best way. What we do say though is that it works efficiently for us and eliminates almost entirely, the absolute tedium of fiddling around with Windows and the PC.
PC Types and Operating Systems
OS - All our PCs run Windows XP professional (service pack 2).
Why not service pack 3 or Windows 7? From long experience of Microsoft products, running the latest software is always a nightmare with some new bug or incompatibility just waiting to strike. This creates a huge amount of work trying to get on top of the situation and detracts from productivity. The basic SP2 has always worked well for us despite its security limitations and doesn't keep 'calling home' (ie polling Microsoft) to see if it is legal (it is). Further, any perceived issues can be quickly resolved by doing a full restore (see backup).
PC Organisation
We found it best to split the main hard drive into smaller sections. A 7.5GB C: drive containing the OS ONLY, a much larger D: drive for programs and data, and a 767MB R: drive made out of computer RAM (2GB total). In addition we have a 500GB NAS (Network Attached Storage) drive N:. Sometime in the future, we will move C: onto a pair of SSD (Solid State Drive), 32GB or smaller will be fine, but with the fastest I/O speeds available, and configured in a RAID array.
Why Split Drives? Purely because of backup issues. If you use Windows, it WILL crash - it is inevitable, built in. Worse, it always crashes at the most inoportune time. So a clean XP install to drive C:, patched to SP2 is the first step. This takes 3-4GB of space and will inflate to around 5GB in a fully working system. Therefore a 7.5GB drive size is plenty big enough and allows space for drive defragmentations. 7.5GB is the ideal size for backup purposes as when compressed, you get an image file of around 2GB. After installing Windows and patching, the first thing to do is make a backup. After that, you can always get back to this point within 10 minites even if the whole OS crashes.
After installing the OS and making a backup, install all your software to drive D: We always use the D:\Programs\xxxxx tree to do this.
We also use a RAM disk. It took around 4 years to find the right software (free) - Gavotte Ramdisk with GUI. This works with no wrinkles at all.
Why a RAMdisk?
Mainly security and to avoid file 'bloat'. Anything stored in RAM gets lost when the PC is switched off. So if all your temporary files including web history, cookies etc are stored here, they get destroyed whenever the PC is switched off. You don't need any sort of software file cleaner, you can't store infected files and you know all cookies go too. Additionally, RAM is very fast and your PC will work faster. The only downside is you must save to hard drive, anything in RAM you wish to keep.
Another excellent dodge is to put all your web browser config files in RAM. We use Firefox here and have a BATch file that runs everytime the PC is switched on. This copies all Firefox settings and menus into RAM. This is great as we always have the SAME favourites etc.
Backup Solutions
Having lost all our company data as a result of a system crash some years ago, reliable backup became a big issue for us. We tried all sorts of products but to cut a very long and expensive story short, we now use Acronis True Image Home (V9). This is simply wonderful and works.
Every month, we make a backup ie Sep09.tib which is a complete backup of C: - basically the OS including all startup and registry values. Before backing up, we always empty the wastebin and do a C: defrag to keep things tidy. Once every three months or so we might do a full D: backup but since we always have the source program files, this is no big deal if one gets an error as a reinstall is quick. C: backups take around 10 mins on our machines and are around 2GB in size. Restoring the whole C: drive is painless and takes 10-15mins - just long enough to make and enjoy a coffee. All backup images are copied to the NAS drive as well. So worst case is a PC stolen or totally scrap. Buy a new PC with no OS set to boot from CD. Insert Acronis recovery CD and provided you get access to the NAS drive, restore latest C: backup image. In 10-15 Mins, your PC is working again and just needs D: sorting.
If your PC suddenly becomes listless, acts funny or refuses to play ball - immediate full restore. Works a treat and you always get back to EXACTLY the same position as when you stored the image. You can also restore individual files, so an image of the data on D: can be useful too.
Data Data on drive D: is obviously critical and this is backed up to an attached network drive. We have a small BATch program that checks out the archive bit on every file on drive D: and stores any file that is new or that has changed. Xcopy is part of Windows and ideal for this. We run the backup BATch file after finishing any new work and at the end of the day. Thus drive N: (Network) a LaCie NAS drive, has a complete copy of D: and all C: backup images.
Everytime Firefox (our web browser) has a new link added (or advert blocked), we need to copy the relevent files from R: (the RAM drive), to d:\Myfiles\Firefox\, otherwise the changes are lost when the PC is switched off.
Security
System security is handled by a multi level approach. The main line of defense is a software package ZoneAlarm Security Suite. This replaces the Windows firewall by something much better and allows you to do really useful things like completly disabling Dr Watson (annoying and useless Windows crash program). It has a good email filtration system too.
Connection to the internet is a security nightmare and is compounded by government intentions of monitoring all internet searches and emails. Whilst having nothing to hide, this is way too intrusive for us so we use a system called Open VPN. This is effectively an encrypted tunnel from each PC to the Open VPN provider server. There are many of these servers and they are located in the UK, USA and Far East. Not only does our ISP (Internet Service Provider) have no means of seeing what we are downloading (other than quantity), our IP (Internet Protocol) address is also hidden from websites. This means that sites like Google cannot track your search history as they see your Open VPN IP address, rather than your true IP address. It also means you can avoid geographical redirection, or video content denial based on IP - a great research tool. This works for VOIP and email too as traffic goes over the same connection.
When funds allow, we will also install a standalone UTM (Unified Threat Management) unit to further strengthen defences. Plus we need to think about equipment theft and fire - maybe store critical files offsite in a secure store.
Wireless connections are handled by a Netgear router with full security setup. WEP-PSPK and MAC address filtering ensures only our own PCs can connect and we always turn down the signal to the weakest possible whilst maintaining full bandwidth.
Web Access
We have a fast broadband connection (6GB), though with Open VPN, average probably half that which is fine. Our web browser is Firefox with a couple of essential add-ons: ADBlocker Plus + Element Hiding Helper + free subscription to the US block list. This allows you to selectively block all bits of a website that you don't want to see or load. Virtually every website has a Google tracking link. Many have dozens of advertising links, tracking bots and many other undesirables. If nothing else, these all take time to download. With ADBlock Plus, you can kill ALL of them - This is ESSENTIAL SOFTWARE! It does away with the need to add lots of sites to the Windows HOSTS file which speeds up your PC.
Essential Software
Some software is essential even before installing your 'working' software.
- Printkey pro - Has been around for ever. It always did work well and still does. Allows you to capture a screen print of ANYTHING on the screen including those Windows error messages just before everything goes t*** up! Really flexible, with the ability to output or save in various formats - essential
- Cute PDF Professional - Installs as a printer driver and allows you to save anything you can print as a PDF file (even Printkey screen captures). Cute is fantastic for organising information. We have a directory D:\Myfiles\pdf\xxxx tree Any website you visit or page you see can be printed and saved in this way. This means you should never lose or forget anything at all. Plus, pages from different applications can be saved as a single document. For example a web order where you print out the order page, then add the help page and finally (when it arrives), append the email confirmation page. Some websites only show you certain pages once and you can never get back to them. Cute allows you to save them all. Files can be encrypted and password protected.
- Firefox + ADBlock Plus + Element Hiding Helper + Free US block list subscription.
- ZoneAlarm Security System.
- Open VPN. Secure internet connection with 128 / 256 bit encryption. Prevents ISP 'evesdropping' and IP address monitoring.
We hope you found the site interesting, well presented and above all, informative. Thanks for visiting and please feel free to link to us or recommend us to others. |
|