Difference between revisions of "Media Library Setup"
From EHS Help
m (→Encryption & Security) |
|||
| Line 12: | Line 12: | ||
* No specific set up is required after the intial installation and setup of AquilaServer and the Aquila database. | * No specific set up is required after the intial installation and setup of AquilaServer and the Aquila database. | ||
| + | * Encryption of media items is not performed when storing the media item inside of the database. | ||
* If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration: | * If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration: | ||
| Line 28: | Line 29: | ||
#: <pre>MediaStorage=1</pre> | #: <pre>MediaStorage=1</pre> | ||
#: <pre>LibraryPath=%drive:\path-to-your-media-library-root\%</pre> | #: <pre>LibraryPath=%drive:\path-to-your-media-library-root\%</pre> | ||
| + | #: <pre>EncryptMedia=1 or 0</pre> | ||
# Save the AquilaServer.ini file | # Save the AquilaServer.ini file | ||
# Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer) | # Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer) | ||
| Line 34: | Line 36: | ||
'''Notes''' | '''Notes''' | ||
* Replace ''%drive:\path-to-your-media-library-root\%'' with your own path. | * Replace ''%drive:\path-to-your-media-library-root\%'' with your own path. | ||
| + | * Set EncryptMedia to 1 to enable file encryption, and 0 to disable file encryption. If this setting is omitted, the default is no encryption. | ||
* We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running. | * We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running. | ||
** The LibraryPath setting ''can'' be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations | ** The LibraryPath setting ''can'' be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations | ||
Revision as of 10:05, 30 April 2018
Overview
- AquilaCRS supports the storage of media items; i.e. images, video and audio. The storage method is either
- Database Storage: media file contents are stored in binary fields inside a dedicated media data table.
- File System Storage: media file contents are stored in a automatically managed folders in a specified media library path on a disk accessible from the AquilaServer product.
- It is possible to switch storage methods after initial setup and even after the database has been populated with data. However, it is strongly recommended to select a storage strategy from the outset.
- Media storage methods are transparent to the end user, and the alternative configuration methods require no alteration to client software.
Database Storage
This is the default configuration
- No specific set up is required after the intial installation and setup of AquilaServer and the Aquila database.
- Encryption of media items is not performed when storing the media item inside of the database.
- If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration:
-
MediaStorage=0
-
- DO NOT REMOVE the LibraryPath setting; there may be files still stored there that will need to be found by AquilaServer.
- Save the INI file and then restart the AquilaServer service. (net stop AquilaServer/net start AquilaServer from an admin level command line window)
File System Storage
- To enable File System Storage:
- Ideally ensure that no users are connected to AquilaServer: although the downtime will be limited to the time it takes to restart the AquilaServer service.
- Open the AquilaServer.ini file (located in the AquilaServer program folder, under the Program Files (x86)\Evolution Healthcare Systems Limited\ folder
- Add the following two lines to the [Settings] section:
-
MediaStorage=1
-
LibraryPath=%drive:\path-to-your-media-library-root\%
-
EncryptMedia=1 or 0
-
- Save the AquilaServer.ini file
- Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer)
Notes
- Replace %drive:\path-to-your-media-library-root\% with your own path.
- Set EncryptMedia to 1 to enable file encryption, and 0 to disable file encryption. If this setting is omitted, the default is no encryption.
- We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running.
- The LibraryPath setting can be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations
Backups
- As with database storage, backing up of the on disk media library is the responsibility of the customer.
Encryption & Security
- Files stored on disk in the media library are set to hidden & read-only when created.
- Files are checked on each access for evidence of tampering & the end user warned accordingly.
- Files stored on disk are optionally encrypted by AquilaServer (see above). However, we also recommend customers look at encryption options in Windows itself.
- The transmission of files (as with all AquilaServer traffic) is AES-256 encrypted before transmission.
- Customers are advised to ensure that the disk or folder in which the media library resides is not part of a network share.
- Customers are advised to use NTFS permissions to reduce the access to the media library contents, except for administrators and the AquilaServer process.
- Security of the media library is the responsibility of the customer & should be implemented in accordance with local security policy for other files.
