10 Dec 2013 by Yuri Sagalov
Two weeks ago we officially released the AeroFS Private Cloud, a completely behind-your-firewall approach to file syncing and collaboration, to an overwhelmingly positive reception. Today I'd like to explain how we built it.
When we launched AeroFS from private beta this past April, we brought to market the idea that you don't have to give up your data privacy to enable syncing and collaboration in a BYOD world. The product we launched in April, the AeroFS Hybrid Cloud, allows businesses to sync and collaborate without ever having to trust us with their data, while managing their user accounts in the cloud. For many businesses, this solution is sufficient: They need to keep control over their data for compliance/security/IT policy reasons, but are happy to hand off the management piece.
At the same time, many larger businesses came to us with a stricter requirement: They need a file syncing and collaboration solution that never talks to our servers. With the help of products such as VMware and OpenStack, many companies are rolling out their own private cloud infrastructures and would like to provide better collaboration and syncing solutions on that infrastructure.
Traditional enterprise software is incredibly difficult to setup, maintain, and upgrade, often requiring companies to spend many hours and thousands of dollars on training. Installation often requires spending many hours on-site with customers, and dragging out the overall deployment cycle.
We decided that if we do provide an AeroFS Appliance, we’d need to set a few rules for ourselves:
In our own experience with software installation, dependency requirements can be an absolute nightmare and "simple" things like OS upgrades or third party package upgrades result in hours in lost productivity.
In order to minimize the amount of time our customers have to spend managing dependencies (and minimize our own time debugging various OS configurations) a black-box approach had to be taken. We will deliver the software as an appliance as a virtual machine with a completely pre-configured operating system. Since the behavior of VMware/VirtualBox/OpenStack is fairly predictable, we can be reasonably sure that if the user is able to boot the appliance, the software should work.
The installation step is the first time a user really interacts with your software, so it's important to get this step right.
As part of our black box approach, we do not want to expose the root shell to end-users to prevent inadvertent misconfiguration. This means that we need to get users out of the appliance console and into the web browser as early as possible.
The earliest possible opportunity to get the user into the browser is when their networking configuration is done, which is exactly what the AeroFS Appliance does. Once the appliance is booted, we expose a few ways to setup networking, and immediately ask the user to point their web browser at that IP.
Beyond that, the entire installation process can be done in five easy steps:
(Want to learn more about the setup process? Check out our quick install guide here)
One of the biggest problems with delivering software into a closed environment is encouraging people to upgrade. In the Hybrid Cloud model we perform upgrades automatically. Obviously, this is not possible when the software is deployed completely behind the corporate firewall, so we need a very simple upgrade path to encourage prompt upgrades and minimize downtime.
Since the software is delivered as an appliance, upgrades can be done in four quick steps:
An added benefit of this process is that if by some chance your upgrade goes awry, you can simply bring up your old instance, thus minimizing unexpected downtime.
AeroFS is a multi-component system. We have services that handle registration/authentication/etc., as well as client installable software that handle the day-to-day syncing operations of various devices.
One of the challenges that arise in such an environment is configuring each client to talk to the correct AeroFS Appliance.
Traditionally, users would have to configure settings manually, resulting in many unnecessary support requests and headaches for the end users. Occasionally, IT departments can pre-configure these settings through install scripts, but that is only viable in large IT organizations.
We wanted to take this pain out of both the users and the IT admins hands. This meant that we had to be able to repackage the software on the fly on the appliance itself.
During the last step of the AeroFS Appliance configuration, the Appliance takes the configuration parameters passed in by the admin and repackages the clients to only communicate with that appliance. Now, when an end user downloads/installs an AeroFS client from the appliance website they need to only specify their username and password, preserving the one-step setup process of the AeroFS Client!
Further, upgrades to the AeroFS Client are as seamless as before: Updated AeroFS Clients are delivered as part of the AeroFS Appliance, so when an IT administrator upgrades an AeroFS Appliance, the clients will automatically be upgraded as well, reducing the work required for the IT administrator.
An important piece in this entire process is our approach to security. An in-depth overview is available here, but we want to point out two important details:
The above work allows us to make a claim that's rarely possible in the enterprise world: In most cases, you can get the AeroFS Appliance up and running in five minutes. Really.
Don't believe us? Check out the demo below, or better yet, sign up for our free 30-day trial (no credit card required) and let us know what you think!
08 Oct 2013 by Yuri Sagalov
A commonly requested feature for AeroFS is the ability to designate some members of a shared folder as "read-only" members. They should be able to view, download, and receive updates to a document, but should not be able to modify it (a common use case is sharing read-only documents such as contracts with a vendor).
As of version 0.4.122, AeroFS now supports this feature! When sharing a folder with someone through AeroFS, there are now three different role types: Owner, Editor, and Viewer.
Owner: This is the role that has the highest level permissions, and is usually the person who created the shared folder. As the owner, the person can:
Editor: This person was invited by the Owner of the shared folder and is able to:
Viewer: This person was invited by the Owner of the shared folder and has the lowest access level. Viewers can:
Feel free to try it out for yourself, or take a look at the following support articles for more information:
Yuri & The AeroFS Team
24 Sep 2013 by Yuri Sagalov
Since we've launched AeroFS out of private beta in April this year we've received overwhelmingly positive feedback from businesses and individuals alike about the problem AeroFS is solving.
We strongly believe that AeroFS is on the verge of changing the way IT teams view and deploy file syncing systems. It is incredibly important to us that the market understands that they don't have to make a decision between securing their sensitive data or providing a file sharing and collaboration tool for their employees.
As part of that effort, I'd like to introduce you to AeroFS's new VP of Sales, Erik Mall. Erik will be in charge of AeroFS' go to market strategy, working closely with our existing customers to ensure that AeroFS continues ot focus on building the most secure file syncing and collaboration tool on the market.
Erik brings extensive experience in leading teams focused on developing and selling cloud based services, most recently as General Manager of the Propertyware division of RealPage (NASDAQ: RP). Prior to PropertyWare's acquisition, Erik was the VP of Sales at Propertyware and managed the sales team to a year over year growth of 130% from 2009 to 2011. Prior to Propertyware, Erik was employee #17 at Salesforce (NYSE: CRM) (and one of their first two sales reps), and held management and sales positions at Successfactors (NYSE:SAP), and Netsuite (NYSE: N)
We're incredibly excited to have Erik on board, and hope you'll share this excitement with us!
18 Jul 2013 by Linda Yang
The past couple of months has brought a lot of attention to a topic that we care a lot about here at AeroFS: data privacy.
One of the reasons we started AeroFS was to give people a way to share files that is as seamless and easy to use as existing solutions, yet offers more privacy. Your files never sit on our servers; they are shared only between the devices and people you designate, and all file transfers take place over secured connections.
And since we have a very international team working on AeroFS, we’ve been gratified to see that we are creating something that people all across the globe are looking for. In the past couple of months alone we’ve gotten signups from 117 countries and six continents— that’s 60% of the countries in the world. The response has been incredible, and it’s growing every day.
So to everyone who is coming along with us on this journey, and everyone who has been giving us feedback and helping us make our product even stronger: Thanks, Danke, and Obrigado. We’re excited to be part of the solution!
06 Apr 2013 by Linda Yang
After we launched AeroFS/S3 integration, we quickly learned from our users that the best use case for it is with our forthcoming Team Server product. Now that we've released the AeroFS Team Server, we'd like to show you just how easy it is to use S3 as your secure, encrypted (using your own keys!) endpoint:
Once you've created your AeroFS account, log in at www.aerofs.com, find "Install" next to your username in the upper right, and select "Team Server." ** Note that this option is visible to everyone who is an administrator of a team. This includes if you are a team of one (yourself.)**
Follow the setup wizard, and you will see this prompt during the setup process:
Click "Advanced..." and you will see an option to change computer name and where to store files:
When you choose "Store files on Amazon S3" you will be prompted for S3 credentials:
Setting up Team Server with S3 is also available via aerofs-cli. Simply input your S3 credentials, a bucket ID, and a encryption key when prompted. And voila, you're done.
As always, if you have any questions or hiccups setting up Team Server with S3, please ask for help at firstname.lastname@example.org or visit support.aerofs.com to hear from other AeroFS users.
Happy syncing (with S3),
The AeroFS Team