From Gladinet Wiki
Jump to: navigation, search


I've got one question? How secure is your solution?

It is all relative to your threat model and the way it is deployed. Overall, it is much better than Dropbox. For example, if you deploy the solution on-premise, it allows NTFS permission and AD integration and that is very secure with NTFS.

Can I can install your software in my own infrastructure and the file transfer is with SSL?

Yes, you can install centrestack on your infrastructure. File transfer is over SSL. Basically, a lot of the security requirement is related to how much control you have over the software.

Can I install your software on a windows web server?

Yes, the software is built on top of Microsoft Web Platform including IIS. However, we recommend using a clean machine to start with instead of installing into an existing web site where IIS default web site is already taken. After installation centrestack will take over the Default Web Site. Therefore, if there is another application using the default website there could be a conflict because centrestack has web portal. All the admin work and web based file folder manager are on the web front web based admin for administrators, and web base file manager for regular user all use web site. Centrestack is the server in a standard client/server model and there are client agents software that is included which will be run remotely to connect to the server.

How to we disable user's home directory as we do not want to allow users to create or upload any content in their root?. We want them to access only the team folders they have assigned permissions to.

You can create a new role and under policy, check 'Disable User's home directory' and add users to the role. For users in that role, they can only access team folders they are assigned to. They can't create their own files or folders.

alt text

How do I change the email associated with the change log and storage usage emails i am getting every day?

You can change it in cluster manager -> Cluster Setting->Settings. It is called 'Email Address to Receive Cloud Monitor Messages'. From time to time, the cluster monitor service may send emails about status alerts and here is the email address to receive the those emails.

Does CentreStack live on-prem? I need a solution that can map AWS S3 locations and then expose those as CIFS shares. So, other on-premise clients can map.

Yes, CentreStack lives on-premise. You can use the server agent client that is available with CentreStack to map S3 buckets and expose them as CIFs shares which other users can map to.

Can I purchase the 20 users but divide them up between many different clients?

Yes, 20 licenses can be distributed among different clients (tenants).

Does each client have to use the same email domain or can they be mixed ie gmail.com, yahoo.com etc?

The emails can be all different and there are no specific domain requirements.

Are the files saved/backed up in anyway or do I have to provide my own backup for additional protection?

The files are in Amazon AWS S3 therefore, from a redundancy perspective, it is multi copy and with versioning. However, it does not replace your own backup.

Can I white label the hosted centrestack service and change the URL to remove references to Centrestack?

Yes, you can white label the service but the URL will be <yoursubdomain>.sync4share.com. Since we are hosting it, the sync4share part has to be ours. Sync4share cannot be branded or changed but the sub-domain can be yours.

How do I find the cluster Id of the cluster I am logged into?

You can click the 'i' icon at the top when logged into Cluster Manager as the cluster administrator.

alt text

What happens to tasks listed in 'Failed Subtasks' tab in Client Management Console?

When there are failed sub-tasks, they will be moved to Pending Retry. The system will auto try those tasks later. Also, when the system finishes the majority sub-tasks, it should only have the failed sub-tasks. At that time, you can retry the task and the audit trace should show the information for the error if any.

How do I make the file sync and share platform accessible from outside of a network?

You need to first have a DNS name that binds to a public IP address and the IP address is the route to your network. After that set ExternalURL property under cluster manager->cluster server farm-> cluster worker node to match that DNS name.

Can I add users to a folder and assign permissions without making a folder a team folder?

In order to add users to a folder and assign permissions, admin needs to first publish a folder and convert it into a team folder.

What are guest users and when can I use guest accounts?

Guest users have an account to access shared documents securely and might also have editing rights to files if write permissions are given to guest users.

What’s the quickest way to share a file to an external user from web portal?

When you need to share a file quickly with an external user, log into web portal and either right click a file or select the share icon. In the 'Edit Share' window click on 'Invite a User to Share' icon and enter the email of the user. On the next window, you can either choose the option 'Continue as it is now' in which case a user will receive an email invitation to the shared document(s) and will have read-only access inside a web browser. If you choose 'Add user as a guest user' then a guest account will be created for that user and the user can also have editing rights if write permissions were granted to the user. You can also specify the expiration time and password protect the file on the next screen. You can also disable download and check the options to receive notifications.

alt text

Can I use a virtual host or a physical machine for centrestack?

You can use either a virtual machine or a physical machine.

What operating systems are supported to install centrestack software?

For enterprise deployments, you should use Windows server operating systems like Windows Server 2008/R2 or Windows Server 2012/R2.

For POCs, centrestack can be deployed on Windows desktops OSes like Windows 7, Windows 8/8.1 or Windows 10.

Does centrestack work only on windows server or also linux?

The centrestack server only works on windows server because it is built on top of Microsoft Web Platform (IIS/Asp.NET).

Does centrestack support encryption?

Yes, we support Data-At-Rest encryption which uses AES 256 bit encryption to store data on the backend storage. Encryption should be enabled before uploading any data to the backend storage. For more details look at this link [1]

What kind of security features does centrestack have? encryption service side (encryption at rest)? https built in? secure in transit?

Yes, https just natively from IIS if you have your own commercial SSL cert. We also have data-at-rest encryption (DARE encryption). https takes care of data-in-transit.

Whom do you recommend to buy SSL certificate from?

Any commercial SSL certificate from SSL vendors like GoDaddy or RapidSSL. We ourselves use Comodo as recommended by the standards recent year. Use SHA 256 as the hash algorithm when you purchase the certificate.

Should I get SSL Certificate that is for 1 website or SSL Certificate that includes subdomains as well?

It is better to purchase a wildcard certificate which might be a little more expensive but will allow you to do client1.mycompany.com

After I purchase the SSL certificate, what do I need to do to make it work with my Centrestack?

You will install it into IIS web server so very standard Microsoft IIS method.

Can I sync a local folder on my personal machine to the cloud?

Yes, you can. Once you are logged into your cloud drive account, right click on the folder and select 'Attach to Cloud' option. After the folder is attached to the cloud. there will be a 2-way sync kept between the local and the cloud folder. You can access and edit the files locally and they will be synced to the cloud or vice versa.

Can I use Amazon Cloud Drive or Google Cloud Drive with CentreStack?

No, CentreStack does not support Amazon Cloud Drive or Google Cloud Drive. You can use Amazon S3 or Windows Azure blob storage with CentreStack. Amazon cloud drive and Google cloud drive are consumer solutions and are not meant for a real collaborative enterprise environment.

What is the difference between the team edition and the enterprise edition?

Team edition is our cloud hosted offering where we provide the storage, hosting infrastructure, maintenance and management. Enterprise requires that you supply your own storage, infrastructure and management.

Is there a way to set at rest encryption for the default tenant?

Yes, before you deposit any files into the folder. You can visit the same DareCfg.aspx page to enable DARE encryption. If you already have files uploaded, you will need to download those files first and then re-upload them after enabling DARE encryption. Turning on the encryption flag does not scan existing files to encrypt or decrypt, therefore you need to re-upload the existing files after enabling the flag.

What is the difference between a normal user and a guest user?

Guest users are users that don’t have a home directory. The only folder they have is “Files Shared with Me”. Therefore, they rely on “Normal Users” sharing files and folders with them before they can do anything. If nobody is sharing anything with a guest user, the guest user doesn’t have any read/write permission to any folders.

What is in-place versioning?

The option is for a tenant who uses local folder/share as backend storage. It enables versioning on a regular folder.

Data-at-Rest Encryption and Secure SSL Transmission

Data-at-rest (DARE) can be setup on a tenant-by-tenant basis. When turned on, Windows and Mac clients encrypt files before sending it out and stay encrypted when stored on the server side. For client devices such as iOS or Android, they send the original file and the CentreStack server upload proxy will encrypt the data stream before putting into data storage at the backend. The algorithm used in DARE is AES256.

Does Gladinet/CentreStack allow offline file access? If yes, can you explain how it resolves conflict issues if a file is edited by multiple people while one or both users are offline?

Yes, Gladinet/CenStack does allow offline access. When offline is allowed and when people edit documents are independent of each other. There is no way we can prevent overwriting each other's changes in offline mode. We have to rely on version control so at least different edits are recorded and can be used later on. However, when all users are online, we do have file locking when users can communicate with each other. So, file locking works when users are online but has to resort to version control when they are are offline.

The folder permissions work both ways. If a user has read only access to a folder, it is read only regardless if access is online or offline.

What are the Advantages or Disadvantages of By-passing the CentreStack to Upload Data to Cloud Storage?

There is a setting called 'File upload and download must go through worker node' under management console\group policy\security\general' which is enabled by default in centrestack and ensures that uploading and downloading of files always must go through centrestack server (worker node), however, there might be instances when disabling that setting can enhance user experience and increase availability of the centrestack server. Below are some of the advantages and disadvantages of the setting:


  1. Lower the load on worker node.
  2. Better performance from user perspective as for example Amazon datecenter in case of AWS S3 storage has more bandwidth.


  1. You cannot control the bandwidth usage.
  2. If you have anti-virus enabled, the traffic will not be scanned.

Purge Process for a Deleted Item:

When a folder is the root folder (the whole versioned folder is deleted) and there is a special logic to purge it. After the folder is deleted and the retention policy defined hits, the scan process will notice it and mark the folder to be purged. It will wait for 10 days. During the process, after 7 or 8 days, a warning email will be sent out, warning about purging the folder. Thus it is not happening right away. You can purge it from backend storage directly if desired.

SMTP Service Configuration

Most of the time IT would like to configure their own SMTP service so emails such as welcome emails to users when accounts are created or sharing emails go out using their own SMTP service. Admins can now configure SMTP service for the entire cluster or individual tenants. Once SMTP is configured, the 'Cloud Monitor Service' needs to be restarted in order to pick up the new SMTP changes. The 'Cloud Monitor Service' is located on the CentreStack server.

How is the drive mapped/created on Windows clients?

On the windows client side, the drive is mapped via a file system driver. It does not use SMB to map or create the drive.