ClarkConnect 3.0 Review

Linux provides an excellent platforms for web, email, file and print services. Whilst extremely effective in larger businesses, distributions such as Red Hat and SuSE/Novell are too extensive and time intensive to be used within small businesses as a general purpose server.
Developed exclusively for this market is a new breed of server platform such as Microsoft 2003 Small Business Edition, Novell Netware Small Business and Point Clark Networks ClarkConnect. All three provide easily deployable multifunction server systems based on Windows 2003, Novell Netware and Linux respectively.


ClarkConnect 3.0 Dashboard
System Overview


I have used ClarkConnect 2.2 in its Home and Office flavors extensively and have found it flexible, stable and easily deployed on a variety of hardware. The version 3.0 release is a major update of the ClarkConnect platform. The Linux 2.6.9 kernel is now used, most aspects of the software has been upgraded and the underlying web configuration system has undergone a major overhaul. ClarkConnect has a freely downloadable Home version and a commercially focused Office version. For the purposes of my testing I downloaded and installed the 380mb Home version and ran it through its paces.


ClarkConnect 3.0 brings together a range of open source projects including Apache 2, Samba 3, MySQL 4, Squid, Snort, CUPS and Awstats. On top of these services sits a very capable yet concise Web management console. This console enables management of server services and provides a user-friendly tool for configuring system settings, users and reporting. To round things off the Point Clark Network provides a range of subscription based online services that significantly improve the value of the server on the local network. I have never wanted to spend the extra money on these services but as a value-add proposition they definitely are worth a look.


ClarkConnect is based on Red Hat/Fedora (but is in the process of migrating to Suse). Consequently if you have installed a Red Hat/Fedora system a ClarkConnect install will feel very familiar. During the text-based installation it is possible to configure RAID arrays and network settings. Hardware detection is automatic via Anaconda and this generally works without any input at all from the user. Once installation is complete the server reboots and after the fairly lengthly load sequence is complete a Lynx window with the Web manager console is shown onscreen. ClarkConnect is not weighed down by any X-Window system or server side configuration tools. Instead all configuration past this point is done via a client browser on the internal network.

For the purposes of this test my test system was an old Dell 450mhz Pentium III with 256meg of RAM and a 6gig hard drive. In the test box I installed a dual port Intel 10/100 network card alongside the integrated 3Com 10/100 NIC. All hardware was detected without issue and installation took about 20 minutes using the default partitioning scheme. Performance was a tiny bit slow given the nature of the hardware but overall things ran very smoothly like every other ClarkConnect system I have installed.


Day to day configuration and monitoring is performed via a web browser on a client machine on the internal network. By default the DHCP Server is not enabled so the network settings on the client computer must be set manually after the initial installation. Once logged onto the management console nearly all aspects of the server can be configured via a reasonably logical set of menus.

Registration & Updates

In order to receive updates you must create a free account at Point Clark. This process is quick and in the past year that I have been signed up I havent received any unwanted email. Once your account is created you can register the system with the Point Clark. This process enables updates, provides access to the subscription based online services and provides dynamic DNS and system status updates.


ClarkConnect Server Registration

Online Subscription Services


ClarkConnect uses the rpm package management system tied to the apt tool. The web manager provides a user-friendly way of managing updates and installed modules but for the more tech-savvy user it is easy enough to open a command line and run apt manually.


Server Modules Add/Remove


Firewall & Security

ClarkConnect uses a standard iptables firewall system. In version 3.0 the management of exactly what services are allowed in and out have undergone significant change. Group functionality has been included that allows a series of firewall rules to be enabled or disabled with one simple click. This is a massive improvement over the older, more manual system but takes a little getting used to if you are used to using the old system. To ease configuration a comprehensive list of outgoing/incoming services are provided so that certain activities (such as ICQ) can be blocked effortlessly.


Firewall Overview

Firewall Advanced Screen


To boost security there is also the very capable Snort intrusion detection system. Snort pulls updates off the Web and provides an excellent overview of attempted attacks and potential threats. To protect and manage Web users there is also a content filter, popup blocker and bandwidth throttler that provide basic yet relatively effective controls on what your users can view and download off the Web.


Snort Intrusion Detection

Web Content Filtering


User Management

Version 3.0 of ClarkConnect has implemented a centralized user management system. There was much debate as to how this centralized system would work but eventually a propertary system was used with hooks into the PAM security system. The user configuration screens allow for simple management of users and their passwords. New to version 3.0 is different passwords for standard and secure access to the server and options as to what services are available to specific users. These are welcome security and functionality enhancements but in this area ClarkConnect still needs development. Unfortunately group functionality for pooling users into functional working units is lacking. This feature is a definite requirement in offices that get above 5 to 10 users.


User Overview

Modify User Details


Another feature that would be a welcome addition is a way for users to modify their personal details and passwords. In small networks where users don't really want passwords in the first place this feature is not needed, but in larger networks the ability for users to frequently change their passwords or contact details is a necessity, especially if management requires frequent password changes for security purposes. Usermin is a relatively useful tool for this functionality and one that could be included in future ClarkConnect releases (but it would require an interface overhaul as at present it is very ugly).

Service Management

Service management is one of ClarkConnects strongest features. From a single screen an administrator can enable or disable all of the network services available on the system. Configuration of many of these services is via the Software section of the management console. Configuration is relatively straightforward and all but removes manual editing of text files for all but the most complex of tasks.


Server Service Monitor

Web Proxy Configuration


Windows File Sharing

ClarkConnect 3.0 uses Samba 3 which provides a far more comprehensive range of Windows network services. It is possible to use the server as a Windows domain controller and provide roaming profiles to users. Unfortunately one area still underdeveloped (although it has got better) is the ability to define Samba groups and complex file shares that provide mixed read/write access to a number of users based on their access level. As with previous versions if these advanced shares are required you must manually edit the smb.conf file. Both small business solutions from Microsoft and Novell offer this advanced functionality and providing this feature would significantly boost the native power of ClarkConnect.


Windows Network Configuration

Windows Share Configuration


Print Server

CUPS and Samba 3 working together provide basic print server functionality. This system works reasonably well but it would be very good to see an option to upload printer drivers to the system so that client-side printer configuration can be achieved without manually setting drivers.


Email Server

The IMAP server has undergone a significant upgrade in version 3.0. The new version allows creation of folders that contain both sub-folders and messages. This is a big improvement over the previous IMAP server and eases user training. Another improvement over previous versions is the inclusion of secure POP3 and IMAP access. This feature is easily enabled and makes the email system far more rounded.
Configuring email domains and user aliases is relatively straightforward yet powerful. This area worked well in version 2.2 and fortunately very few changes have been made in 3.0.


Email Services Manager

Email Alias Configuration


Extended Features

VPN Access

ClarkConnect provides VPN functionality for connecting remote networks and desktops. I must admit I have never used these features due to the extra loading placed on the system, instead I have found SSH connections and tunnels to be equally effective and less trouble to configure and maintain. Still it is nice to know this functionality is available should the need arise and it is good to see it is now a part of the Home version (in the past I believe you have to purchase the Office version to gain this functionality).

MySQL Server

Previous versions of ClarkConnect included MySQL under the hood but management was not really integrated into the web management console. Release 3.0 includes a basic MySQL manager and a link to an preconfigured PhpMySQL application. PhpMySQL is very powerful and it is good to see these tools being included into the default installation.


VPN Configuration

MySQL Manager


Under the Hood

Beneath the web management console lies a relatively standard Red Hat 9/Fedora hybrid system. This is really useful when customization or problem solving is required as a huge knowledge base and file repository exists for these two distributions. In the past I have installed IBMs Java SDK, Frox the ftp proxy and Jakarta Tomcat without any major difficulty.

Remote access for advanced management is available through SSH. This is also really useful for providing a low resource VPN system for remote users via WinSCP or an SFTP client.

Reporting & Logging

The reporting and logging features have always been strong in ClarkConnect and verion 3.0 is no exception. There are a number of reports available that provide Web, Web Proxy, Mail and a number of server statistics. I have found this functionality amazingly useful in the past for identifying bottlenecks and problem users.
The log viewer enables the standard Linux log files to be viewed on an aesthetically pleasing web page. This functionality is useful but not nearly as valuable as the extensive reporting tools.


System Load Statistics

Web Proxy Report


Help & Support

Online help in ClarkConnect 3.0 has improved significantly with the inclusion of context sensitive help button links to the ClarkConnect Help Wiki. This addition is very welcome and hopefully as time passes this online Wiki will grow to be a very useful support resource.


ClarkConnect Help Wiki


The Point Clark Networks discussion board is another very valuable resource for ClarkConnect users. It is very active and answers to nearly any question can be quickly found. As per usual with technical discussion boards be very careful of how you post your questions and always search for answers to your questions before posting (else you will quickly receive a rather nasty message from one of the more experienced users.

Missing Features

Whilst ClarkConnect is very capable there are a number of features I would like to see in the future (and if I had some spare time I would not mind helping out). An LDAP server (OpenLDAP) tied into the common user database system would be an excellent addition. Many authentication systems (such as Linux desktops) and groupware systems can use an LDAP source. I have read that the unified user database provides hooks for such an LDAP source so hopefully this functionality will appear in a later release of ClarkConnect.

Group functionality would be a very useful addition to the user management system, especially in the Office version where users have mixed file rights. Samba and the Linux user/group permissions systems allow for such functionality so surely all that is required is modification of the web management console. In office environments I have provided group functionality through manual editing of the groups, passd and smb.conf files. This is far from ideal and realistically an essential requirement for any environment with more than a few users.

Jakarta Tomcat and its associated Apache/Tomcat connectors would be a very useful but not essential addition. Installation of a Java VM and Tomcat is relatively simple. The difficulty lies in the Apache/Tomcat connectors and providing a simple yet effective web management interface for installing and managing Java Web Applications.

Finally I have found the ftp proxy Frox to be a very useful addition to the ClarkConnect suite. It enables the firewall to be locked down whilst still allowing users within the internal network to have both download and upload passive/active FTP functionality. Adding this service to the ClarkConnect package is not difficult (I have installed it on a number of systems) and it is surprising such a service does not already exist.

Retrospect Incompatibility

Dantz Retrospect is a powerful backup tool that I use extensively to backup my Windows, Linux and Apple systems. Unfortunately ClarkConnect in its gateway mode is not compatible with the Retrospect backup client. The Red Hat binary runs perfectly but there seems to be an issue with the gateway/firewall/routing table that causes the client not to be available during a Retrospect backup. This is annoying for users of Retrospect but most people will never face this problem.


ClarkConnect 3.0 is a very powerful small business/home office server solution. The new features are a welcome yet there is room in the future for more useful functionality. Unlike the expensive Microsoft Small Business Server 2003 or the difficult to configure Novell Netware Small Business Edition, ClarkConnect is relatively easy to install and the full Office version only costs approximately NZ$100.

All the functionality required of a small business server are provided and can be easily configured and monitored by non-technical users. This is a big plus for offices too small to justify round the clock IT support but still require the advanced functionality of more expensive systems. I believe the strength of the product is its reporting and configuration options but it is still relatively weak in user management and Windows networking. With the introduction of a new user management system and Samba 3 these areas should be on the improve and with an experienced Linux systems administrator these deficiencies can be compensated for. I would recommend ClarkConnect to anyone looking for an easily configurable gateway in their home or small office. In offices of more than ten people a Microsoft or Novell product is probably preferable due to their enhanced user management and file permissions systems.