Private Cloud Hosting
HYBRIDSERVER
Installation Quick Guideline
Create another new user with password and assign to Administrator Group is important as Windows backup administrator account.
Right-click My PC > Manage…
A host PC / server for HybridServer, It requires a static LAN IP address.
Open Control Panel > Network and Internet > Network and Sharing Center >
follow by click Close > close
Server static LAN IP is fixed. The example above, LAN IP is fixed to 192.168.1.222
HybridServer uses Java as WEB Engine.
Setup latest Java is required if you wish to allow WEB access by the remote client.
https://www.java.com/en/
Complete the installation as per instruction on screen.
If a prompt for Upgrade Java, accept it and proceed to upgrade.
HybridServer Software – Download address here
Download and setup the 5 users 15 days of trial software. Then import license file later to activate the trial software to a perpetual license.
Note: Windows 10 Home Edition does not support as Host PC for HybridServer.
The entire HyrbridServer installer will be downloaded onto this location of the harddisk
C:\Users\adrianfoopro\AppData\Local\Temp
3 new icons on desktop
Change default RDP port number 3389 to another customized number for better security > launch HybridServer AdminTool
HybridServer software basic setup completed.
RDP port changed to 54489
HTTP port changed to 58011
HTTPS port changed to 52886
What next …
Step 5 – setup VPN connection between host PC /server and remote client
Step 6 – apply ServerLink Application Control
Step 7 – methods of client access and print to local printer
Create new user with password. Each remote users should log in to Remote Desktop Server with own username and password respectively.
Do not share Windows account for more than 1 users for security and management reasons.
new users name and password should be properly documented as the table below…
repeat the above process to create the next user(s)
There are several methods for the remote client to connect the Host PC / Server.
Option 1: Router VPN – many fiber broadbands router has VPN Server capability. Using router VPN is faster and mostly PPTP supported.
Option 2: Firewall VPN – Configure VPN from Hardware Firewall is most recommended
Option 3: Zerotier One free software VPN – a free software-based VPN solution by . This software-based VPN are not consistent for slow broadband connection such as Streamyx ADSL.
Option 4: Hamachi Log-Me-In – A kind of Software VPN. Free for 5 connections per account.
Option 5: NeoRouter VPN – Free software VPN required open port forwarding* and Public WAN IP address.
Option 6: Port Forwarding – Open port forwarding* on the broadband router with Dynamic Hostname. Public WAN IP from the internet service provider is necessary.
*Open Port Forwarding is not recommended due to safety reasons and ransomware attacks.
Whichever connection methods should be documented for future reference and supports
How does remote client connect to Host PC / Server and print document to the local printer?
Method 1 – WEB Browser & print document to Universal Printer
Method 2 – Remote Desktop Connection – print document to Microsoft Redirected printer only.
Method 3 – dot Connect Client File – print document to Universal Printer & M/S Redirected printer
Change Default Port numbers
The default RDP port number 3389 is known unsafe. Change to any 4 to 5 digit custom number.
Default HTTP 80 usually conflicts with Windows Server IIS or CCTV. Therefore is encouraged to change.
SESSIONS – Permission
1. Do not allow remote users to access the server with Microsoft Remote Desktop Connection. But access with WEB Browser or Dot Connect Client file.
2. Allow only users with at least one assigned application.
ADVANCED – Security
– Block standard RDP clients “Yes”, do not allow any user to connect this server with Microsoft Remote Desktop Connection.- Disable existing sessions web listing
– No Web for Admins “No” members of Administrator Group are allowed to access using a Web browser
– Block WAN RDP clients “Yes” disallowed all forms of RDP connection from Wide Area Network
– Only Web Portal “No”, accept WEB access with HTML5, RemoteApp or Web Portal
– Only Web Portal for Users “No”, accept WEB access with HTML5, RemoteApp or Web Portal
– Only Users with Applications “Yes”, allow only users with at least one assigned application. All others will be logoff
– Whitelist Admin without Application “No”, All users included Administrator must have assigned application before it allows to access the server
HTTPS Secure Web with SSL certificate
Generate a free SSL certificate for Secured WEB.
Windows Password Policies
Create Windows password policies for hardening server security.
– Minimum password length, change from “0” to 9 characters or more
– Password must meet complexity requirement, “Enable” each password create with Alphabet, Number, Symbol, Small letter & Capital letters.
Proven and Effective Antivirus
We suggest Bitdefender Cloud Edition for Windows Desktop and Windows Server.
– Cloud-Based Antivirus (End-point) where all setting and configuration maintained on Gravityzone on the cloud server
– Local user are not allowed to Stop, to Pause, to Disable Protection, to Uninstall from the PC or Server. Force protection all-times.
– Purchase Bitdefender Cloud Edition from ServerLink allowed you to enjoy our policy that pre-set from the Gravity Cloud Server where will be hassle-free on the application compatibility issues.