About
Broadcasters
Free Trial
Purchase
News
Documentation
OAS Audio API

OAS Playout & Hastings Rock

May 2004

Technical Overview

Principally the key difference this year was the introduction of a permanent internet connection (ADSL broadband). In previous years, access has been restricted to an isolated dial up computer for collection of emails. Now email traffic, the station's webcam and Playout's Shoutcast track updates will all be routed out through this connection. My key concern was in securing the network not only from external traffic but protecting it internally from contracting any email viruses sent either inadvertantly or maliciously to the studio.

Retaining the dual redundancy capability that's been present since day 1, the primary change is the introduction of a completly separate "protected network" hanging off the file server to serve email & web access into the studio. The network is completely firewalled at the file server end allowing only inbound email & web traffic through via proxy servers. Even if an infected mail or web page were opened it could only infiltrate that one machine.

The combined ADSL router/hub comes with a built in firewall to protect against external attacks. Direct internet access is allowed on the main network and this is a risk but in reality the only traffic will be outbound for webcam updates and Shoutcast stats. An additional bonus remains that the file server is Linux based - most common viruses are designed to attack Microsoft operating systems and applications. With the primary music store only being accessible via this machine and much of it being mounted read only reduces any risk still further.

One of the downsides is that the file server ('toaster') becomes a lot more critical to the running of the system. It now operates as primary web/email proxy server, name (DNS) and DHCP server (it's not still that ancient HP Vectra though, rather my old faithful AMD P266 in a standard AT form factor). Loss of this machine would immediately cause internet connection problems and complete loss of inbound email to the studio. The temporary stop-gap would involve connecting the email machine back to the main network - with the security hazzard that involves.

Beyond that, it's all very much the same as in previous years......

 
©2020 OnAStickSoftware, Comments to: playout@onasticksoftware.co.uk