Difference between revisions of "Media Library Setup"
From EHS Help
m (→Database Storage) |
(added example INI file) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 11: | Line 11: | ||
''This is the default configuration'' | ''This is the default configuration'' | ||
− | * No specific set up is required after the installation and setup of AquilaServer and the Aquila database. | + | * No specific set up is required after the intial installation and setup of AquilaServer and the Aquila database. |
+ | * Encryption of media items is not performed when storing the media item inside of the database. | ||
+ | |||
* If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration: | * If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration: | ||
− | + | *: <pre>MediaStorage=0</pre> | |
* '''DO NOT REMOVE''' the LibraryPath setting; there may be files still stored there that will need to be found by AquilaServer. | * '''DO NOT REMOVE''' the LibraryPath setting; there may be files still stored there that will need to be found by AquilaServer. | ||
* Save the INI file and then restart the AquilaServer service. (net stop AquilaServer/net start AquilaServer from an admin level command line window) | * Save the INI file and then restart the AquilaServer service. (net stop AquilaServer/net start AquilaServer from an admin level command line window) | ||
Line 27: | Line 29: | ||
#: <pre>MediaStorage=1</pre> | #: <pre>MediaStorage=1</pre> | ||
#: <pre>LibraryPath=%drive:\path-to-your-media-library-root\%</pre> | #: <pre>LibraryPath=%drive:\path-to-your-media-library-root\%</pre> | ||
+ | #: <pre>EncryptMedia=1 or 0</pre> | ||
# Save the AquilaServer.ini file | # Save the AquilaServer.ini file | ||
# Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer) | # Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer) | ||
Line 33: | Line 36: | ||
'''Notes''' | '''Notes''' | ||
* Replace ''%drive:\path-to-your-media-library-root\%'' with your own path. | * Replace ''%drive:\path-to-your-media-library-root\%'' with your own path. | ||
+ | * Set EncryptMedia to 1 to enable file encryption, and 0 to disable file encryption. If this setting is omitted, the default is no encryption. | ||
* We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running. | * We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running. | ||
** The LibraryPath setting ''can'' be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations | ** The LibraryPath setting ''can'' be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations | ||
Line 44: | Line 48: | ||
* Files stored on disk in the media library are set to hidden & read-only when created. | * Files stored on disk in the media library are set to hidden & read-only when created. | ||
* Files are checked on each access for evidence of tampering & the end user warned accordingly. | * Files are checked on each access for evidence of tampering & the end user warned accordingly. | ||
− | * Files stored on disk are | + | * Files stored on disk are optionally encrypted by AquilaServer (see above). However, we also recommend customers look at encryption options in Windows itself. |
− | + | * The transmission of files (as with all AquilaServer traffic) is AES-256 encrypted before transmission. | |
* Customers are advised to ensure that the disk or folder in which the media library resides is not part of a network share. | * Customers are advised to ensure that the disk or folder in which the media library resides is not part of a network share. | ||
* Customers are advised to use NTFS permissions to reduce the access to the media library contents, except for administrators and the AquilaServer process. | * Customers are advised to use NTFS permissions to reduce the access to the media library contents, except for administrators and the AquilaServer process. | ||
* Security of the media library is the responsibility of the customer & should be implemented in accordance with local security policy for other files. | * Security of the media library is the responsibility of the customer & should be implemented in accordance with local security policy for other files. | ||
+ | |||
+ | ==Example AquilaServer.INI File== | ||
+ | |||
+ | [Settings] | ||
+ | ConnectionType=MSSQL | ||
+ | ConnectionString=AnyDAC?AuxDriver=MSSSQL;Server=LocalHost;Database=IBID;UserID=ibiduser;Password=anypassword; | ||
+ | MediaStorage=1 | ||
+ | LibraryPath=D:\Data\Aquila\Library\ | ||
+ | EncryptMedia=1 | ||
+ | |||
+ | ''Note that there may be other settings in the INI file'' |
Latest revision as of 08:14, 1 May 2018
Contents
Overview
- AquilaCRS supports the storage of media items; i.e. images, video and audio. The storage method is either
- Database Storage: media file contents are stored in binary fields inside a dedicated media data table.
- File System Storage: media file contents are stored in a automatically managed folders in a specified media library path on a disk accessible from the AquilaServer product.
- It is possible to switch storage methods after initial setup and even after the database has been populated with data. However, it is strongly recommended to select a storage strategy from the outset.
- Media storage methods are transparent to the end user, and the alternative configuration methods require no alteration to client software.
Database Storage
This is the default configuration
- No specific set up is required after the intial installation and setup of AquilaServer and the Aquila database.
- Encryption of media items is not performed when storing the media item inside of the database.
- If switching back to Database Storage from the File System Storage method, find the MediaStorage setting in the AquilaServer.ini file and make the following alteration:
-
MediaStorage=0
-
- DO NOT REMOVE the LibraryPath setting; there may be files still stored there that will need to be found by AquilaServer.
- Save the INI file and then restart the AquilaServer service. (net stop AquilaServer/net start AquilaServer from an admin level command line window)
File System Storage
- To enable File System Storage:
- Ideally ensure that no users are connected to AquilaServer: although the downtime will be limited to the time it takes to restart the AquilaServer service.
- Open the AquilaServer.ini file (located in the AquilaServer program folder, under the Program Files (x86)\Evolution Healthcare Systems Limited\ folder
- Add the following two lines to the [Settings] section:
-
MediaStorage=1
-
LibraryPath=%drive:\path-to-your-media-library-root\%
-
EncryptMedia=1 or 0
-
- Save the AquilaServer.ini file
- Restart the AquilaServer service (net stop AquilaServer/net start AquilaServer)
Notes
- Replace %drive:\path-to-your-media-library-root\% with your own path.
- Set EncryptMedia to 1 to enable file encryption, and 0 to disable file encryption. If this setting is omitted, the default is no encryption.
- We recommend the LibraryPath is a dedicated local volume attached to the server in which AquilaServer is running.
- The LibraryPath setting can be a network drive & use UNC file naming (i.e. \\MachineName\Path) if necessary, but we cannot guarantee performance or 100% availability in such configurations
Backups
- As with database storage, backing up of the on disk media library is the responsibility of the customer.
Encryption & Security
- Files stored on disk in the media library are set to hidden & read-only when created.
- Files are checked on each access for evidence of tampering & the end user warned accordingly.
- Files stored on disk are optionally encrypted by AquilaServer (see above). However, we also recommend customers look at encryption options in Windows itself.
- The transmission of files (as with all AquilaServer traffic) is AES-256 encrypted before transmission.
- Customers are advised to ensure that the disk or folder in which the media library resides is not part of a network share.
- Customers are advised to use NTFS permissions to reduce the access to the media library contents, except for administrators and the AquilaServer process.
- Security of the media library is the responsibility of the customer & should be implemented in accordance with local security policy for other files.
Example AquilaServer.INI File
[Settings] ConnectionType=MSSQL ConnectionString=AnyDAC?AuxDriver=MSSSQL;Server=LocalHost;Database=IBID;UserID=ibiduser;Password=anypassword; MediaStorage=1 LibraryPath=D:\Data\Aquila\Library\ EncryptMedia=1
Note that there may be other settings in the INI file