User Login      + Register  

SecureOffice Overview  SecureOffice  xoops  16-Mar-2017 21:00  0  16245 reads

Table_of_Contents

1      SecureOffice Overview

1.1                Introduction

1.2                What SecurePBX Does

1.3                What VmWare Workstation Does

2      Why This Product Exists

3      Minimum System Requirements

4      What You Get And What It Costs

4.1                For Free

4.2                For Yearly Access Fee

4.3                With Trial Licensed Applications

4.4                With Paid Licensed Applications

4.5                How To Purchase

5      Future Applications

1      SecureOffice Overview

1.1                Introduction

SecureOffice is an OpenWrt based, high performance, state of the art router / gateway / WIFI access point using a modern 64bit Linux kernel. It is intended to augment and replace your existing router with a higher functionality, increased security / performance state of the art system. It is also an application platform capable of hosting many services both for the internet and your local LAN.

SecureOffice is intended to meet the privacy and security needs of anyone who uses the internet. It is designed to allow individuals and organizations to protect their information security and privacy in the escalating war initiated by those who believe your private, lawful business is their concern.

SecureOffice allows you to migrate from remote hosting of websites, telephone, email services and file storage to local hosting, allowing you to keep your communications and information secure, under your control and private. It is becoming very risky to trust third parties with YOUR information. Compelling reasons for information privacy and security are discussed in Privacy and Security.

Basic SecureOffice provides all standard OpenWrt packages (for free) with zero cost download and package updates. Anything that OpenWrt provides is available for SecureOffice, without the hassle of having to build it. OpenWrt has a vast array of HowTo's for applications such as file, media servers users may want. OpenWrt has a vey active user forum for questions and support.

SecureOffice also supports the premium SecurePBX and VmWare Workstation applications.

SecureOffice consists of four major integrated components with large user bases and support networks:

  • OpenWrt: is a highly extensible GNU / Linux distribution for embedded devices (typically wireless routers). OpenWrt is built from the ground up to be a full-featured, easily maintained operating system for routers. In practice, this means that you can have all the features you want with none of the risks / bloat of spyware, powered by a Linux kernel that's more recent than most other distributions. In addition, OpenWrt is opensource, peer-reviewed and tested to ensure that no security holes or spyware exist, which many commercial products have (by design). Further information regarding OpenWrt and user package installation / configuration is available on the OpenWrt Wiki page.
  • FreeSwitch: a state of the art, carrier grade SIP PBX (Private Branch eXchange telephone switch) with encryption for secure voice / video phone calls, currently unbreakable by any snoops / hackers who may consider your private lawful business to be their concern. FreeSwitch is opensource, peer-reviewed and tested to ensure that no security holes or spyware exist, which many commercial telephone systems have. Further information regarding FreeSwitch is available by following the FreeSwitch link.
  • FusionPBX is a browser-based GUI (Graphical User Interface) for easy user configuration of FreeSwitch. Without FusionPBX, user configuration of FreeSwitch is a daunting task, with a steep learning curve requiring editing configuration files, programming and call flow skills. FusionPBX is opensource, peer-reviewed and tested to ensure that no security holes or spyware exist. Further information regarding FusionPBX is available by following the FusionPBX link.
  • The SecurePBX telephony application is FreeSwitch and FusionPBX integrated together.
  • VmWare Workstation: (not opensource, commercial use requires an additional paid license from Vmware) allows hosting of virtual machines by SecureOffice. This allows users to easily port and consolidate existing network services from third party service providers and / or dedicated servers. Further information regarding VmWare Workstation is available by following the previous link. Additional information regarding virtual machine technology is available from WikiPedia.

SecureOffice is:

  • A high-performance internet gateway / wireless router / firewall (OpenWrt).
  • A highly extensible application hosting platform, with many free applications available:
    • OpenWrt applications such as file and media servers (Samba, DLNA, TFTP...), web servers (uHTTPD, email, Lighthttpd, NgInx, Apache...).
    • OpenWrt is very suitable for hosting IOT (Internet of Things) local and remote services.
    • In general, any application that is available for Linux can be made available for SecureOffice.
    • OpenWrt and basic applications for SecureOffice are completely free to download, update and use with no restrictions.
  • Additional application packages are available for a small yearly subscription fee. These applications are not available from OpenWrt and have been custom developed / ported, for SecureOffice including:
    • Additional drivers for graphics, multimedia and devices.
    • luci-app-certificates, to automatically update your domain SSL certificates with free Lets Encrypt certificates. Never worry about or pay for SSL domain certificates again.
    • LogTrigger, to detect invalid (hacker) intrusions and automatically block any offending IP address. LogTrigger can parse any arbitrary syslog event and run a custom (user defined) script in response to events. Uses are limited only by imagination. LogTrigger comes pre-configured to block invalid access attempts.
    • Xorg server (Linux window GUI) and standard Xorg applications.
    • (xorg) FluxBox window manager.
    • (xorg) Lxterminal, a multi-tabbed console for linux shell access.
    • (xorg) NoMachine server for remote access to SecureOffice desktop GUI.
    • (xorg) Xeoma video surveillance system. Free for up to eight cameras. Add IP cameras and turn SecureOffice into a video surveillance system / DVR
    • ZoneMinder video surveillance and alarm system. Also integrates with X10 home control. Easily create an IP camera DVR system.
    • Home-Assistant home automation and IOT control system.
    • Webrtc-streamer, a WebRTC based media server for remote access to IP security cameras, or any audio / video media source on local LAN.
    • Kurento Media Server a WebRTC based media server for remote access to IP security cameras, or any audio / video media source on local LAN.
    • Various convenience scripts for VPN, RAID setup.

Optional licensed ($) applications:

    • SecurePBX, an (encrypted) audio / video telephone system (FreeSwitch / FusionPBX).
    • VmWare Workstation for hosting virtual machines, allowing easy migration and consolidation of existing internet servers / services.
    • More to come, based on user requests.

1.2                What SecurePBX Does

SecurePBX is a standard SIP PBX (secure telephone system). Secure audio / video calls (encrypted, unbreakable) depends on whether the SIP clients (endpoints / phones) on the internet are capable of encryption, or not. It is not necessary for SIP clients on the local LAN to be capable of encryption, since SecurePBX does the encryption / decryption for all phones on the local LAN. SecurePBX can replace any standard SIP PBX switch such as Asterisk, Nortel, Avaya, Mitel, Cisco, etc., assuming the phones are compatible with standard SIP protocols.

A free trial license is available to try before buy.

SecurePBX can also be configured for FAX extensions to act as send / receive fax machines, without the FAX machine.

SecurePBX is compatible with legacy analog phones and terminals (including FAX) using standard ATA FXO / FXS interfaces. This allows using existing wiring and legacy analog phones in a home / office environment.

A basic overview, getting started guide for SIP and VOIP communications is located here.

SecurePBX can be used for the following endeavors / applications:

  • Geographically distributed enterprises with dispersed teleworkers. SecurePBX can, if desired, communicate / network with other SecurePBX's for load sharing by regional SecurePBX nodes.
  • Individuals and SOHO's who wish to replace their existing landlines and / or cellphone plans by less expensive (some without monthly phone bills) SIP telephony providers such as FreePhoneLine in Canada. Most SIP providers allow the option to keep your existing phone numbers.
  • Use your home / office telehone number for your cellphone also. In fact, with ring groups, any combination of phones (extensions) wherever they may be, planet wide, fixed or roaming can be configured to ring for any line (phone #).
  • If you are willing to accept the restriction that your cellphone number only works when WIFI is available, you can eliminate your monthly cellphone bill by configuring your Android cellphone as a SecurePBX extension, part of a ring group to a SIP phone number. Configuring this option for an extension means that unless you have a WIFI or cellular data connection (home, work, internet cafe, etc.) your cellphone will not be able to make / receive calls. Callers will be transferred to voicemail. This restriction can be lifted if you are able to find a cellular provider for data only, in which case, you are fully mobile, at the cost of your cellular data use.
  • Professionals such as Accountants, Lawyers, Brokers, Doctors who wish to offer a secure means to maintain client confidentiality.
  • Spooks and other state entities who wish to hide the fact that they are up to "no good".
  • Politicians, Bureaucrats and Diplomats weary of their private communications being intercepted, misrepresented and appearing on the nightly news, a career destroying event.
  • Dissident networks, organizing for social / economic change.
  • In general, any individual or group who wishes reduced communications costs of IP telephony, advanced features and / or, secure communications (privacy). For most SIP providers, advanced features such as call waiting, call forward and voicemail are normally free. SecurePBX is also capable of providing these features locally.

1.3                What VmWare Workstation Does

VmWare Workstation allows you to simultaneously run multiple operating system such as Windows and Linux in a virtual environment. This allows consolidating web, email and other internet services from dedicated PC's to virtual machines running under SecureOffice. It also provides a way to run legacy software / operating systems no longer supported by "modern" computers, preserving your IT infrastructure investments. This allows legacy server applications running on various PC's to be consolidated to run under SecureOffice.

VmWare Workstation is an optional licensed application available to SecureOffice users. Commercial users must purchase an additional license from VmWare. A free trial license is available to try before buy.

Email, web and other virtual machine servers using standard distributions with automatic security updates is the easiest, cheapest and best way to maintain security for your internet servers.

For example, this website, personal and corporate email, licensing and package update server is running under SecureOffice as a virtual machine (SmeServer-9) and has been in trial for several years by the developer and a group of engineering associates and beta testers.

Vmware Workstation can be used for the following endeavors / applications:

  • Those who do not want to risk or trust third party internet service hosting providers with access to their files, database, access controls and users.
  • Those who do not trust third party email providers with access to their email records.
  • It is possible for SecureOffice to be configured (without using virtual machines) to host websites, email and other internet services. Choosing to do so means you would also have to manage security, antivirus and other updates, a tedious task and not recommended. If you wish to do so, search the internet for OpenWrt web and email server HowTo's.
  • Using a standard operating system virtual machine distribution to host services such as websites, email servers, file servers has the advantages of automatic updates and low maintenance. Several modern Linux server distributions (most free) are compared here. The author uses and recommends Sme-Server.
  • Consolidating legacy servers, running on dedicated PC's as virtual machines under SecureOffice saves money and power. SecureOffice is capable of running multiple virtual machines simultaneously, limited only by performance of the hardware chosen to host SecureOffice.
  • Road Warriors can install SecureOffice / VmWare Workstation on their laptops and bring their entire secure network infrastructure with them, while simultaneously running their OS of choice as virtual machines.

2      Why This Product Exists

Personally speaking, I, the primary designer / architect of SecureOffice have experienced and observed many aggressions at the hands of corrupt forces self-alleging to be the powers that be. Still standing, more defiant than ever.

I have seen my civilization devolve:

  • From: A peaceful, merit based "division of labor" voluntary social / economic organization in pursuit of collective excellence where equality of opportunity (and under law) existed for all, respect for proven fact and reason.
  • To: A conflictual, compulsive "division of spoils" "civilization", on a path to perhaps the last world war, where the most corrupt and best lying psychopaths rise to the top (because of information control) and enslave / exploit all others, creating a huge underclass of needy dependents (who will riot if entitlements cut off) requiring them to pretend to be "fair", at collective expense.

Just one small example: As senior system and communications engineer at Nortel (designer of the very first caller / call waiting identification method and the telephone network protocols required to make it work globally), I was initially quite proud of my work and the quality of life improvements it enabled (ignore unwanted callers, without having to waste time or be rude). Then, I realized: It was not mainly about quality of life for customers, it was the very first step into the ability of those who control communications infrastructure (surveillance state) to know who's communicating with who, profiling social networks, giving them the ability to kill any dissident networks (political opposition) before they gain public awareness. Revolution is really Re-Evolution (adapting to reality). Sorry guys / gals.

Several years later (early 1990's), once the "value" of profiling social networks for control freaks became apparent (treat this as an unsubstantiated allegation, since very few have the courage to speak out and help prove it, lest they be "disappeared"), a huge CIA / NSA delegation showed up at Nortel in Ottawa, Canada, demanding unfettered backdoor access to all our networking and switching equipment, else, be shut down, blocked from "free markets". Rank and file engineers opined "no way". You can guess what really happened, when management chooses. I assume every major telecommunications manufacturer on the planet had similar visits. Your property is spying on you and has been for quite some time. I am not the first, nor will I be the last to state this inarguable FACT. Google "Edward Snowden".

Nortel is now RIP, since it is considered "unfair" that competent, productive people be paid more than "needier", unproductive people. This (punitive taxes, brain drain) drove the best and brightest Nortel employees out of Canada (taking trade secrets to our competitors), causing massive product failures (incompetence, inability to compete by excellence) which more money was futilely thrown at (competence was required, but to "bean counters", all engineers are equal, throw more at the "problem"). Management reacted to inability to make an honest buck in Canada and engaged in "pump and dump" stock fraud, were criminally changed and got "wrist slaps" (IMHO, because they could plausibly argue that the greedy tax person caused this, left them no choice).

Bottom line: We now live in a "civilization" where the truth that should be setting us free, on a path to collective excellence, ability to freely communicate / express ourselves is deeply suppressed / misrepresented by control of information. As a communications engineer, I am painfully aware of this. We are at war for our very right to exist and choose our own paths in life, to peacefully live and raise our families, passing on our values as we see fit. As a self-made successful man, from the days when it was once possible, I seek this opportunity for everyone, including my (and your) children.

My last assignment at Nortel combined my private interests in social / economic (comparative study of civilizations / history) needs / trends and technology trends. My job was to identify product opportunities ten years out at the intersection of social / economic needs and technological capability.

SecureOffice is the result of concluding: WE need to fight back in the war for control of perceived reality (information), attempting to enslave all of us, starting with our minds. SecureOffice is a powerful tool, opportunity for those who wish to protect themselves from the (in)security state and info-warriors who wish to be pro-active, or at least stay out of the crossfire by becoming anonymous, invisible to the perps who are "casing our joints". The solution is to "go dark" and SecureOffice is the means.

Yes, there is work and maybe some learning involved. Freedom IS NOT FREE.

3      Minimum System Requirements

  • Hardware meeting minimum requirements, as documented here. Any 64 bit Intel Windows 7 compatible PC should be adequate, including old laptops and desktops. The budget conscious can install / evaluate SecureOffice on an old PC before investing in modern, lower power hardware.
  • Alternatively, SecureOffice can be installed as a virtual machine (requiring no dedicated hardware) on any modern Linux or Windows PC. A preconfigured SecureOffice virtual machine can be downloaded and used for free. This is the quickest, cheapest way to evaluate SecureOffice prior to committing to hardware.
  • Choose WAN or LAN network topology to determine whether two or one ethernet ports are required for SecureOffice hardware. The pros / cons of network topology selection are discussed here. Running SecureOffice as a virtual machine implies LAN topology.
  • Optional: SecurePBX (licensed application, $) if you want to host (secure) telephone services.
  • Optional: VmWare Workstation (licensed application, $) if you want to host virtual machines. Running VmWare Workstation in a SecureOffice virtual machine is not possible
  • SecureOffice, the operating system and basic applications (free).
  • Cable / ADSL Modem - to connect to your internet provider.
  • A 10/100/1000M Ethernet Switch (WAN topology) with sufficient ports to connect your wired LAN devices.
  • A PC to administer / configure SecureOffice
  • Optional: A public IP address, domain and DNS provider if you want to host internet services or make phone calls (including secure) over the internet. Refer to the DNS provider (some free) HowTo for further information regarding public IP addresses, domains and DNS.
  • Optional: (for telephony service) At least two SIP phones (may be free clients for your Android tablet or cellphone or PC) and / or a wide range of compatible SIP phones and ATA's (Analog Terminal Adaptors). Refer to the SIP Clients HowTo for further information.

4      What You Get And What It Costs

4.1                For Free

  • A high performance, feature rich, secure state of the art router / gateway / WIFI access point.
  • Basic SecureOffice which is everything available for OpenWrt.
  • Package updates. A list of free packages is here.
  • Support using this website forum, OpenWrt HowTo's and support forum.

4.2                For Yearly Access Fee

A small yearly access fee applies. Using free, automatic SSL certificates (luci-app-nginx-certificates) alone saves you more than the small fee.

Access to custom developed packages / scripts not available from OpenWrt, including:

  • Additional drivers for graphics, multimedia and devices.
  • luci-app-certificates, to automatically update your domain SSL certificates with free Lets Encrypt certificates. Never worry about or pay for SSL domain certificates again.
  • LogTrigger, to detect invalid (hacker) intrusions and automatically block any offending IP address. LogTrigger can parse any arbitrary syslog event and run a custom (user defined) script in response to events. Uses are limited only by imagination. LogTrigger comes pre-configured to block invalid access attempts.
  • Xorg Server (Linux window GUI) and standard Xorg applications.
  • (xorg) FluxBox window manager.
  • (xorg) Lxterminal, a multi-tabbed console for linux shell access.
  • (xorg) NoMachine server for remote access to SecureOffice desktop GUI.
  • (xorg) Xeoma video surveillance system. Free for up to eight cameras. Add IP cameras and turn SecureOffice into a video surveillance system / DVR
  • ZoneMinder video surveillance and alarm system. Also integrates with X10 home control. Easily create an IP camera DVR system.
  • Home-Assistant home automation and IOT control system.
  • Webrtc-streamer, a WebRTC based media server for remote access to IP security cameras, or any audio / video media source on local LAN.
  • Webrtc-streamer, a WebRTC based media server for remote access to IP security cameras, or any audio / video media source on local LAN.
  • Kurento Media Server, a WebRTC based media server for remote access to IP security cameras, or any audio / video media source on local LAN.
  • A list of custom packages is available here.
  • Access to premium content including easy RAID and VPN configuration scripts.
  • Forum and email support for any problems with custom applications / scripts. Forum is preferred since all can benefit.

4.3                With Trial Licensed Applications

Trial Applications require many premium packages as dependencies, meaning that trial users must pay the yearly access fee to be able to access trial packages.

4.4                With Paid Licensed Applications

Premium applications (SecurePBX, VmWare Workstation) are available with yearly or permanent licenses. It is strongly advised to be satisfied with the trial application before committing to a paid license.

Paid licenses require access to premium content for installation. Pricing considers the yearly access fee that was paid to access the trial versions. This means, if you have not already done so that the access fee must have been paid prior to installing premium applications.

4.5                How To Purchase

It is necessary to be up and running free SecureOffice, with an active domain prior to purchasing anything.

Follow the instructions in the prerequisites section, to prepare for SecureOffice installation.

Follow the instructions in the install section to download, install and configure free SecureOffice.

Ensure your user information at the SecureOffice web interface (System->Licensing->Registration) page is correct.

If purchasing a premium application, please install (and be satisfied with) the trial version prior to purchase.

The SecureOffice registered domain must be active. All authentication and license requests must come from the registered domain, else will be denied.

Become a registered user at this site (only once):

  • Click "Register" at top of this page. The registration form will appear.
  • Enter username, email and password.
  • Select "I Agree" to the site terms of use.
  • Answer the "skill" testing question.
  • Click submit. A confirmation email will be sent.
  • Follow instructions in the confirmation email to complete registration.

Login to this site, click "Purchase", add items to cart by selecting the desired product, select "continue shopping" until all products desired are entered.

Select "Checkout". On the "Validate Purchase" page, enter mandatory (marked by "*") user information. Select "Next" when done.

Select "PayPal" as the payment method, select "Final Confirm". On the next page (Validate Purchase), review your order before selecting "Pay Online". Selecting "Pay Online" will take you to the Paypal website to login and complete the purchase.

Paypal will send a purchase confirmation email containing a "Transaction ID : 81G64613TK608341D" (example). Keep this email for proof of purchase.

Enter your Paypal payment ID in the correct form and press "Save and Apply":

  • For Access to premium packages / scripts, enter your Paypal payment ID at "System->Licensing->Registration".
  • For licensed applications, enter Paypal payment ID at "System->Licensing->Manage Licenses->Application".

After purchasing custom repository access, the repository and user credentials must be configured. Instruction are located in the enable repository access section.

Upon receipt of payment confirmation from Paypal, the license administrator will update your Access / License status.

5      Future Applications

The following applications are currently being developed:

ownCloud - a self-hosted file sync and share server. It provides access to your data through a web interface, sync clients or WebDAV while providing a platform to view, sync and share across devices easily, all under your control. This will be useful for "cleaning" your laptop and Andriod phone to avoid "paranoid" border crossing events.

It is expected that users will have many suggestions regarding new applications. The forum will contain a topic dedicated to this. May the best ideas win.

It should also be noted that development is not free. It is hoped that market acceptance will result in resources to pull together a much larger engineering team and provide many more features (and, freedom from the "security state" which should be a concern for all).

Rating 0/5
Rating: 0/5 (0 votes)
Votes are disable!
Print article
The comments are owned by the author. We aren't responsible for their content.
Author
Thread

Technologies Used:

Design by: XOOPS UI/UX Team