Skip to content

CyberFM

  • Home
  • FileMaker Security
  • Disclaimer
  • Privacy Policy
  • Home
  • Justin Pfefferle
  • FileMaker Deployment 101.5
  • Justin Pfefferle

FileMaker Deployment 101.5

Dimitris Kokoutsidis 4 years ago2 weeks ago20 mins0

A Comprehensive Guide

Justin Pfefferle, Oct 2, 2020, Claris Engage 2020

Table of Contents

  1. Introduction
  2. Understanding FileMaker Deployment
    • Deployment Options
      • On-Site Deployment
      • Cloud Deployment
      • Hybrid Deployment
    • Choosing the Right Platform
  3. Pre-Deployment Preparations
    • Assessing Server Specifications
      • CPU Requirements
      • Memory Considerations
      • Storage and Disk Space
      • Network Bandwidth
    • Gathering Client Requirements
  4. Configuring FileMaker Server
    • Choosing the Operating System
    • FileMaker Server Setup
      • Installation Checklist
      • FileMaker Server License
    • Configuring Backups
      • Backup Scheduling
      • Off-Site Backup Considerations
  5. Network Setup for FileMaker Server
    • Firewall Configuration
      • Creating Inbound Firewall Rules
      • Specifying Ports
    • Router and External Access Configuration
      • Port Forwarding
      • Configuring Access Restrictions
    • AWS and Cloud Setup
      • Security Group Configuration
      • Instance Type Selection
  6. Domains and SSL Certificates
    • The Role of Domains in FileMaker Server
    • DNS Configuration
      • Understanding DNS Records
      • Adding and Updating DNS Records
    • SSL Certificate Setup and Validation
      • Choosing the Right SSL Certificate
      • Validation Methods
      • Installation on FileMaker Server
  7. Testing and Go-Live
    • Pre-Launch Testing
      • Stress Testing
      • User Acceptance Testing (UAT)
    • Go-Live Process
      • Final Configuration Checks
      • Data Integrity Verification
      • Monitoring Post-Launch
  8. Troubleshooting and Maintenance
    • Common Issues and Solutions
    • Performance Optimization
  9. Summary and Key Takeaways

Introduction

Deploying a FileMaker solution is a multifaceted process that requires careful planning, preparation, and execution. FileMaker offers a versatile environment that can be tailored to a variety of deployment needs, from small internal setups to robust cloud-based infrastructures. This guide delves deep into every aspect of deploying FileMaker Server, from pre-deployment considerations to configuring network settings, setting up domains, managing SSL certificates, and going live.

Our goal is to make sure you have a thorough understanding of every component involved in the deployment process, so you can make well-informed decisions that align with your needs and those of your clients.

Understanding FileMaker Deployment

Deployment Options

Choosing the right deployment method is one of the first critical decisions you’ll make. Each deployment option has distinct advantages and limitations:

On-Site Deployment

On-site deployment involves setting up a FileMaker Server within your internal network. This option offers control over the hardware and software environment, with the ability to implement custom security measures. However, it also requires physical infrastructure and maintenance.

Pros:

  • Complete control over server environment.
  • Customizable to specific business needs.
  • No dependency on internet connectivity for local access.

Cons:

  • Higher initial cost for hardware.
  • Requires IT expertise for setup and maintenance.
  • Limited scalability compared to cloud-based solutions.

Cloud Deployment

Cloud deployment uses virtual servers hosted by cloud service providers like AWS, Azure, or specialized FileMaker hosting platforms. This option is ideal for scaling up or down based on demand.

Pros:

  • Easily scalable.
  • Reduced physical infrastructure costs.
  • Managed maintenance (on some hosting services).

Cons:

  • Ongoing subscription costs.
  • Requires reliable internet connectivity.
  • Potential data privacy concerns depending on hosting region.

Hybrid Deployment

A hybrid deployment combines on-site and cloud solutions. It can be used to optimize performance and provide redundancy.

Pros:

  • Flexibility in managing local and remote access.
  • Enhances disaster recovery options.
  • Can balance cost and performance needs.

Cons:

  • Complex to configure and maintain.
  • Requires advanced IT knowledge.
  • Potential network complexities.

Choosing the Right Platform

Your choice of platform should be informed by:

  • User Location: Local, remote, or a combination.
  • Scalability: Will the solution grow in the future?
  • Budget: Consider initial setup and ongoing costs.
  • Data Sensitivity: Are there legal or compliance requirements for data handling?
  • Performance: Consider response times, processing loads, and uptime requirements.

Pre-Deployment Preparations

Assessing Server Specifications

Selecting the right server specs is crucial to ensure stable performance and accommodate future growth. Here’s a breakdown of what to consider:

CPU Requirements

  • Choose a server with a multi-core processor. For most deployments, 4-core CPUs are a good starting point. Heavy or complex solutions might require 6 to 8 cores.
  • Higher clock speeds are beneficial for complex calculations and database queries.
  • Consider processors designed for server environments, such as Intel Xeon or AMD EPYC.

Memory Considerations

  • A minimum of 8 GB RAM is recommended for small deployments with a few users. Scale up to 16-32 GB for medium deployments or if using WebDirect.
  • Ensure that the server’s memory is sufficient to handle peak loads, especially if handling concurrent users.

Storage and Disk Space

  • Choose fast SSDs over traditional HDDs for better performance.
  • Calculate disk space based on the size of the database, containers, and expected growth.
  • Consider the disk IOPS (Input/Output Operations per Second) if your solution involves intensive data operations.

Network Bandwidth

  • Internal bandwidth should support high-speed LAN connections.
  • For external access, consider a minimum of 10 Mbps upload speed for small setups and higher for large-scale solutions.
  • Monitor traffic to prevent bottlenecks during peak usage.

Gathering Client Requirements

The client conversation is a foundational step. Use this phase to capture all technical, functional, and business needs:

  • Business Context: What problem does the solution address? Is there a regulatory context, such as HIPAA, GDPR, or CCPA, to consider?
  • Solution Usage: Number of expected users, types of users (admin vs. regular), and peak times.
  • Backup Expectations: How critical is data for the client? Discuss acceptable downtime and data loss to establish a backup and recovery plan.
  • Network Details: Will users access the solution remotely? If so, note any VPN requirements or remote desktop needs.
  • Special Considerations: Discuss container field usage, integrations (e.g., ODBC/JDBC), WebDirect needs, and specific hardware.

Configuring FileMaker Server

Choosing the Operating System

FileMaker Server supports multiple operating systems, each with its advantages:

  • Windows: Offers comprehensive compatibility with business environments. Easier for teams familiar with Windows Server environments.
  • macOS: Often chosen for small to medium-sized environments or when the development team prefers macOS.
  • Linux: FileMaker Server supports Linux, offering a robust and secure server environment. Ideal for cloud hosting and advanced users.

FileMaker Server Setup

Installation Checklist

Ensure all requirements are met before installation:

  1. System Requirements: Verify OS compatibility, available storage, CPU, and RAM.
  2. Administrative Access: Ensure you have the necessary permissions to install and configure the server.
  3. Network Configurations: Prepare static IP addresses and firewall configurations.
  4. SSL Certificates: Decide if SSL is needed immediately or post-deployment.

FileMaker Server License

  • Choose the appropriate licensing model: Perpetual License (one-time purchase) or Annual License (subscription-based).
  • Make sure to register the license properly and keep documentation for future reference.
  • Determine if the server requires an Annual Maintenance Subscription for updates and support.

Configuring Backups

Regular backups are crucial for data safety. Here’s how to set up an effective backup strategy:

Backup Scheduling

  • Incremental Backups: Daily backups with a retention period of 7 days.
  • Full Backups: Weekly or monthly full backups, kept for several months to a year.
  • Snapshot Backups: Take periodic snapshots before making significant changes to the database.

Off-Site Backup Considerations

  • Use cloud storage solutions for off-site backups (e.g., AWS S3, Azure Blob Storage).
  • Schedule automated file transfers to a remote server.
  • Encrypt backup files to protect sensitive data.

Network Setup for FileMaker Server

Firewall Configuration

Configuring the firewall ensures that only the necessary traffic reaches your FileMaker Server.

Creating Inbound Firewall Rules

  1. Access the Advanced Security settings in your firewall (Windows, macOS, or Linux).
  2. Create rules for the following TCP ports:
    • 80 (HTTP) – For web access.
    • 443 (HTTPS) – For secure web access.
    • 5003 – Primary FileMaker port for client connections.
    • 2399 – ODBC/JDBC access.
    • 16000 – FileMaker Server Admin Console access.

Specifying Ports

  • Double-check the accuracy of the port numbers.
  • Ensure only the necessary ports are exposed, minimizing potential attack vectors.

Router and External Access Configuration

For external access, adjustments to network hardware are necessary.

Port Forwarding

  1. Access your router settings and look for Port Forwarding options.
  2. Create a rule that forwards required ports (e.g., 443, 5003) to the server’s local IP address.
  3. Use a descriptive name for each rule for easy identification.

Configuring Access Restrictions

  • Limit access by IP if possible.
  • Ensure that management ports (e.g., Admin Console) are restricted to local or trusted IP addresses.
  • Consider setting up a VPN for enhanced security.

AWS and Cloud Setup

Cloud deployments require specific configurations for security and performance.

Security Group Configuration

  1. Navigate to Security Groups in your AWS EC2 dashboard.
  2. Create a new Security Group with descriptive rules:
    • Allow HTTP/HTTPS traffic for WebDirect access.
    • Permit FileMaker traffic (Port 5003) from known IP ranges.
    • Limit SSH/RDP access to specific IPs for administration.
  3. Attach the Security Group to the FileMaker Server instance.

Instance Type Selection

  • Use a t2.medium instance for small setups or a t2.large for up to 25 users.
  • Consider upgrading to m5.large or higher for high-demand applications.
  • Monitor usage via AWS CloudWatch to determine if scaling up is necessary.

Domains and SSL Certificates

The Role of Domains in FileMaker Server

A domain name enhances accessibility and security:

  • Provides an easy-to-remember URL instead of an IP address.
  • Essential for implementing SSL/TLS encryption for secure connections.

DNS Configuration

Proper DNS setup is vital for domain functionality:

Understanding DNS Records

  • A Record: Links a domain/subdomain to an IP address.
  • TXT Record: Contains text data used for domain verification.
  • CNAME Record: Points one domain to another, typically for subdomains.
  • MX Record: Specifies email server settings (if necessary).

Adding and Updating DNS Records

  1. Access your Domain Registrar’s DNS settings.
  2. Create an A Record for the desired subdomain (e.g., filemaker.yourdomain.com) with the server’s static IP.
  3. Adjust the TTL (Time to Live) based on how frequently the records may change.
  4. Test the domain resolution using command-line tools like nslookup.

SSL Certificate Setup and Validation

SSL certificates protect the data transmitted between the server and client.

Choosing the Right SSL Certificate

  • Use Domain-Validated (DV) certificates for basic security.
  • Opt for Organization-Validated (OV) or Extended Validation (EV) for enhanced trust if handling sensitive data.

Validation Methods

  • Email Validation: CA sends an email to a registered address (e.g., admin@yourdomain.com).
  • DNS Validation: Add a special TXT Record to your DNS settings for verification.
  • File-Based Validation: Upload a file to the server’s web directory for CA validation.

Installation on FileMaker Server

  1. Purchase or obtain an SSL certificate from a trusted CA (e.g., GoDaddy, Let’s Encrypt).
  2. Import the certificate file, private key, and any intermediate certificates in the FileMaker Admin Console.
  3. Test SSL functionality by accessing the server via HTTPS.

Testing and Go-Live

Pre-Launch Testing

Thorough testing prevents issues post-deployment.

Stress Testing

  • Simulate user load using tools like Apache JMeter or LoadRunner.
  • Identify bottlenecks and optimize the server or FileMaker solution accordingly.

User Acceptance Testing (UAT)

  • Involve actual users to perform day-to-day tasks.
  • Collect feedback to identify usability or performance issues.

Go-Live Process

Final preparations before going live ensure a smooth transition.

Final Configuration Checks

  • Review all firewall settings, domain configurations, and SSL certificates.
  • Disable development or temporary accounts.

Data Integrity Verification

  • Run integrity checks on migrated data.
  • Test backups to ensure data can be fully restored if needed.

Monitoring Post-Launch

  • Use server monitoring tools like Zabbix or Nagios to track server health.
  • Keep an eye on CPU load, memory usage, and network traffic.
  • Schedule periodic reviews to adjust configurations as necessary.

Troubleshooting and Maintenance

Common Issues and Solutions

  • Slow Performance: Check for hardware limitations, optimize queries, or increase server resources.
  • Connection Errors: Verify firewall rules, domain resolution, and SSL validity.
  • Backup Failures: Ensure proper permissions and test file system paths.

Performance Optimization

  • Regularly update FileMaker Server to the latest version for performance improvements.
  • Use server-side scripting to reduce client load.
  • Schedule database maintenance tasks like compacting to optimize performance.

Summary and Key Takeaways

Deploying a FileMaker Server requires careful consideration of hardware, software, and network settings to ensure a secure and reliable environment. By preparing thoroughly, understanding network configurations, setting up domains, and utilizing SSL certificates, you can successfully deploy a FileMaker solution that meets client needs and industry standards. Regular monitoring and optimization will help maintain a smooth-running server and enable scalability as the project grows.

For further assistance, the FileMaker developer community and official documentation provide valuable resources to support your deployment journey.

Tagged: Account Apache Attack AWS Azure Backup Balance Claris Engage 2020 Cloud Compliance Container Deployment Disaster Documentation Encryption FileMaker Server Firewall GDPR Good Hosting Install Integration Integrity Linux Load macOS Maintenance Management Monitoring Network Plan Privacy Provider Recovery Response Restore Role Scalability Server SSL SSO Test Troubleshoot Update UPS Usability VPN Web Windows YouTube Zabbix

Dimitris Kokoutsidis

Post navigation

October 2, 2020
Securing Your FileMaker Server in the Cloud
October 2, 2020
FileMaker Server Installation – Overview and troubleshooting