Vlad Mazek - Vladville Blog

Home Articles SBS Show Vladfire About Links Contact Wiki RSS2 Feed

Why IM?

Instant Messaging is one of the most popular collaboration applications on the Internet, perhaps second only to email. Today, IM is one of the most convenient ways to communicate. It runs on all operating systems and nearly all cell phones have some level of IM integration. IM gives information workers the ability to multitask and still seem like they are giving their attention to the person they are chatting with. You can't do that with a phone, people tend to notice when you don't say anything for 30 seconds. IM today involves a lot more than just chat: video conferencing, chat rooms, presence indicators, application sharing, etc. In many situations IM is more efficient than email, especially when you need to go back-and-forth with the other side to accomplish your task.

Microsoft has recognized this early on with Microsoft Exchange 2000 when it bundled private Messenger functionality. Since then AIM and a number of other companies have provided commercial IM systems to Fortune 500 and other large companies. Microsoft decided to pull out the bundled internal IM from Microsoft Exchange 2003 and now offers an excellent standalone alternative in Live Communications Server 2005.

You need IM. Only problem is, if you are in small business you really have no alternatives. Commercial IM packages are fairly expensive and Microsoft obviously does not have a small business strategy as is evident by their pricing: 5 users for $1,200 or 25 for $5,000. So what is a small business owner to do? Many government privacy regulations eliminate the possibility of using the public IM system, and if you do the software and devices required to monitor your employees activity is usually as much as the commercial IM license.

The purpose of this guide is to give your small business secure and affordable IM infrastructure for under $25 in under 30 minutes. This guide is written in somewhat plain English to get you started but you should still consult a competent IT consultant to help you securely deploy this solution in your environment.

How do I pick a server?

When it comes to free and open IM technologies one name stands out: jabber. Jabber provides secure, extensible and supported protocols for your small business IM solution. What does that mean? Well, it means that you can get private IM for your business for free and still be able to use major public networks and chat software.

For the purposes of this article I'm using Jive Messenger which is completely free. It is not infested with spyware or advertising and there is no purchase required - you can freely download it over the Internet. There are a number of alternatives to Jive Messenger but I selected it because it fit three small business criteria: secure, easy to use and free! It also comes with built-in web administration interface that makes IM deployment quite trivial but with enough power to keep you busy for days.

Server Configuration

First step in getting your server online is actually downloading it from the web site. You can install the server on the Windows XP or Windows 2003 / SBS 2003 server and you will need to run the setup as the Administrator. Jabber server installs a service that runs in the background and handles presence operations for your network. You should install this software on the server or another standalone PC in your company that is secure, has a backup process in place and experiences little to no downtime. If this computer goes down, all your IM clients will disconnect so you need a reliable system.

Double click on the executable you've downloaded to start the installation.

Jive Messenger server is licensed under GPL which gives you a right to use the server software without paying a licensing fee.

Select the directory to place Jive Messenger files in. You can simply accept the defaults here.

Feel free to accept the defaults again, since this is a server/standalone system the only time you will access the shortcut to the program is when you're performing server maintenance or making configuration changes.

Depending on the speed of your system it may take a few moments for the server installation to complete. Mine wrapped up in under a minute.

Another info screen telling you that the Jive Messenger has been completed. It automatically installs itself as a service (so it can automatically start when the system restarts and keep on running once you log out of your session). Click on finish to launch the console.

The screen above is the Jive Messenger console. It gives you an option of starting and stopping the server. Lets start the configuration process, click on "Launch Admin" to get started.

Internet Explorer (or your default web browser) will pop up and login to the service. The setup process is quick and painless. Select English (or your language of choice) and click on Continue.

Server setting screen requests more information. The first thing it needs is the server name which is the address at which clients will connect to send instant messages. This is your fully qualified domain name (FQDN) usually in the form of computer.domainname. My server is hq.owncorp.com and yours may be something different. It is a common practice on Windows 2003 SBS to use a .local extension for the local domains so plug in that hostname and move on.

Select Yes to enable SSL connections. This allows the communication between your IM clients and the IM server to be completely encrypted and secure. This is an absolutely critical step, especially if you have remote workers connecting to your server at work. Click on Continue to move forward.

The screen above asks you to select a database that will store your configuration. Keep it simple and select the embedded database. Note: If you are making a large deployment and expect hundreds of clients connecting to the server you will need an external database. Click on Continue to move forward.

Finally, select the administrator password. The current password is admin in case you are not reading the prompts. Select a password that is difficult to guess. Click on Continue to finalize the installation.

Congratulations, you've completed the installation of the Jabber IM server. Start and stop the service and click on the "Login to the admin console" link to get started with advanced configuration of your IM server. In the following steps you will add users, restrict who can connect to your IM system and what level of logging and functionality you wish to enable.

Above is the screenshot of the administrative console for your IM server. The main screen gives you an overview of the IM server status, uptime, memory utilization, etc. The first thing you need to do is lock down your IM system. Click on Registration & Login

First, disable inbound account registration. You do not want strangers registering for accounts on your server. Second, disable anonymous login. You should only permit access to your employees who have provided a valid username and a password. Scroll down and click on Save Settings. Moving forward, click on Offline Messages.

Jabber IM has the ability to store instant messages sent to contacts while they are offline. Think of it as voicemail for IM. If a message is sent to a contact that is temporarily unavailable the server will hold the message until that contact signs in. Depending on the number of users and your preference you can modify the defaults but remember to Save Settings if you make changes. Click on Message Audit Policy.

Essential part of your IM security is knowing how your system is being used. If your employment policy allows for monitoring you can also keep an eye on what your employees are talking about. You can enable message auditing on this screen and set a limit on how much information you want to collect. You can audit message packets (IM messages), presence packets (signon/signoff activity), and IQ packets for general system troubleshooting purposes.

Save Settings and click on SSL Settings to modify SSL behavior. You should not have to make any changes there as you want the SSL enabled.

Additionally, you can configure Server to server communication. This is particularly useful if you have remote offices and do not want to create VPN sessions over the Internet. Users can authenticate and communicate via local server and only traffic that needs to reach remote offices (such as presence) is being passed over the Internet.

Let's add some users. Click on the Users / Groups and then click on Create New User. I will create myself with my email address and a complex password. Click on Create User or Create & Create Another to add more users to your IM server.

You will be informed every time you have successfully added a user to your IM server.

Summary of my user accounts: I have created Vlad and Katie who are the only users allowed to communicate over this server. As far as the server is concerned the configuration is complete. You should lock down the port ranges if you only intend to use IM on your internal network. If you expect users to connect to your server remotely (home users, road warriors) then you need to make sure that adequate ports are open. Jabber uses ports 5222, 5223 and 5269.

Client Configuration

IM client is the chat software that you install on your desktop/laptop. Like AOL AIM and MSN Messenger there are specific chat clients available for Jabber. Some are commercial, some are free, some are shareware. Personally, I recommend Trillian from Cerulean Studios simply because it is a proven IM client that is very well supported and maintained. It also has a stunning interface as you can tell from the following screenshots. Unfortunately, in order to use Trillian with Jabber you will have to pay for the commercial version which costs $25. Trillian is not licensed per seat so you can run it on all your PC's with just a single $25 purchase.

Note: The rest of this guide assumes the use of commercial version of Trillian. Double click on the executable you got from Trillian and start the installation on your client computers (desktop, laptop). The installation takes just a moment and there are very few options, you can safely accept the defaults.

Once the installation has completed you will have the option to Launch the Trillian client. Click Launch to get started.

First step is to setup the client connection to your IM server. Click on Trillian, Connection and Manage my Connections.

In order to connect to the Jabber IM server you first need to enable the plugin. Click on Plugins and check the Jabber 3.0 box to enable that service. If you do not want your clients using public IM services feel free to uncheck plugins for other public chat services such as MSN, AIM and ICQ.

Now lets add your account. Click on Connections, select to Add a new connection... and select the Jabber service.

Type in the credentials you assigned when you created the account on the IM server. Jabber ID takes form of username@server which in my case is katie@hq.owncorp.com, your's will be different. Provide the password, check the box to Automatically connect to this account at startup and click on Change.

Check the box Use SSL for connection to encrypt your clients communication with the server. This is crucial in keeping messages you exchange with the server private. Congratulations, you've added your account. Click on Save Settings and click on Connect.

Now just add your fellow coworkers to your buddy list so you can monitor their presence. Click on Trillian, Add Contact or Group, select the group to store the new contact in and select Jabber as the medium. Click on Next where you will provide the Jabber ID and a friendly nickname for your first contact. Click on Add Contact to add them to your buddy list or Finish to finalize your buddy list setup.

From here solicit the help of any teenager. You can chat with your contacts, send files, check history, indicate your presence and many other things. Play with it for a while and mind your IM ettiquete. You're done, enjoy your private corporate etiquette.

Additional Consideration

Corporate IM is an essential productivity tool and your business needs it. By now you've setup your server and your client but there are other things you should think about as you get the rest of your company added to your contact list:

Security. As with any critical part of your network, you need to make sure your IM server is always secure. The best way to do so is to subscribe to the newsletter or announcement mailing list of the IM server software you choose. When the publisher releases the new copy upgrade to it, especially if the purpose of the release is to fix a security issue. If you only intend to use the IM service on the internal network, make sure the proper ports are closed. Finally, enlist the help of a trusted guru or IT consultant that can lock down your network and minimize security threats.

Flexibility. This guide outlines only the basic setup required to give your organization chat and file sharing. The Jabber IM platform is capable of much, much more. For example, you can easilly tie in public IM connectivity and chat with parties on the MSN, AIM or ICQ networks. The Jabber IM server can work with your voice system, implement content filters, provide public presence over the web (in SharePoint sites or in email signatures) and give you another great medium to distribute your announcement by the use of message broadcasts. These services are beyond the scope of this guide but are as easy and effortless as the setup above.

Privacy & Legality. IM is a serious business tool and as with all business communication you can be held liable for what you say. As a general rule, do not type anything that you would not be comfortable saying directly to your managers face. Keep in mind that everything you say may be logged and used against you in the future.

Utility. IM is critical to your business and to your employees productivity. Treat IM as an asset and train your employees on how to take advantage of it. Jabber IM is as powerful, if not more powerful, than most corporate IM software. Your business deserves every advantage it can take in the IT realm and this one will cost you $25 and 30 minutes of your time.

Whats on Vlad's Mind?

Surprisingly little.

Actually, I am hacking away at WordPress at the moment so please pardon the dust. Should be done by the morning. The rest of the site should be done over the weekend.

Vladfire Vlog

Episode 14
Dave Sobel

Runtime: 7:05
Windows Media (37 Mb)
Quicktime (12 Mb)

Episode 13
Andy Goodman

Runtime: 5:51
Windows Media (30 Mb)
Quicktime (10 Mb)

Episode 12
Jeff Middleton

Runtime: 3:19
Windows Media (17 Mb)
Quicktime (6 Mb)

SBS Show Podcast

SBS Show is a free weekly podcast (Internet for recorded radio show) focusing on small business and technology. More at sbsshow.com but check out our latest episode:

SBS Show #24
Dave Sobel
Managing Process & Communication

Categories		Archives		About
Beta, Deals, E12, Events, Exchange, Friends, Gadgets, Google, IT Business, IT Culture, Legal, Linux, Microsoft, Misc, Mobility, Open Source, OS, Podcast, Programming, SBS Show, Security, Shockey Monkey, SMB, System Admin, Uncategorized, Vladfire, Vladville, Web 2.0, WordPress,		August 2006, July 2006, June 2006, May 2006, April 2006, March 2006, February 2006, January 2006, December 2005, November 2005, October 2005, September 2005, August 2005, July 2005,		Vlad says: Thanks for checking out my blog. You've officially reached the end of the Internet so take in what you've read and don't look at it as gospel but an invitation to start thinking for yourself.