Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Guide to Novell NetWare 6.0 Network Administration Chapter 14.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Guide to Novell NetWare 6.0 Network Administration Chapter 14."— Presentation transcript:

1 1 Guide to Novell NetWare 6.0 Network Administration Chapter 14

2 2 Chapter 14 - Implementing and Securing Network Services Describe NetWare 6 Internet/intranet services, including Net Services and Web Services components Install and configure Novell Web Services components

3 3 Chapter 14 - Implementing and Securing Network Services Describe public key cryptography and use the Novell Certificate Authority service to export public and private keys Describe internal and external security policies and strategies, including firewalls, virus protection, and defense against denial-of-service attacks

4 4 Novell’s Internet/intranet services: Help simplify the implementation of business networks by providing a common set of services for accessing data and resources with a variety of workstation and server operating systems The Internet service component can be divided into Web Services, which are TCP/IP-based applications that give users access to network data and services though Web sites and FTP servers, and Net Services, which extend the capabilities of standard Web services NetWare 6 Internet Service Components

5 5

6 6 Net Services requests: A network can be configured so that requests for Net Services originating at user workstations are sent via the Internet to a firewall running on a server or router; once through the firewall, the request is routed to the appropriate services based on its IP address and port number Port numbers are used to transfer information in a data packet to the correct application To gain access to NetWare files and resources, Net Services run as applications on Web Services components, such as Apache Web Server NetWare 6 Internet Service Components

7 7

8 8 Apache Web Server: Is open-source Web server software and a common platform for implementing Web-based services It is installed by default during the NetWare 6 install It’s primary purpose is to provide support for Novell Portal Services and Net Services, such as iFolder Requires no special configuration NetWare 6 ships with the Tomcat Servlet Engine, which is used to run Java-based Web applications NetWare 6 Internet Service Components

9 9 Novell Portal Services (NPS) is a portal strategy for delivering the right information to the people authorized to use it A portal provides one view into a company’s information and displays this data as Web pages With NPS, network administrators can protect and control access to network resources, delivering personalized data to people based on their company roles, locations, and group associations NPS consists of a number of Java servlets that run on Apache Web Server NetWare 6 Internet Service Components

10 10

11 11 NetWare Web Search Server: Makes network or Internet data searchable in minutes, and it bridges all types of networks NetWare Enterprise Web Server: Is an HTTP-based service for sending Web pages to browsers on the Internet, or to an intranet FTP server: Allows for file transferring between Internet hosts NetWare Web Manager: The portal service for managing Web Services NetWare 6 Internet Service Components

12 12 Working with NetWare Enterprise Web Server NetWare Enterprise Web Server can be installed during or after NetWare 6 server install, and once installed, NPS displays the NetWare Enterprise Web Server options in the Web Manager window to allow for configuration There are many configuration options and settings, but the most common tasks are: starting and stopping Web Services, changing the default path to the content directory, creating virtual Web sites, configuring document preferences, and setting up public and restricted access sites Installing and Configuring Web Services

13 13

14 14

15 15

16 16 Working with NetWare FTP Server: FTP services require server & client components Most Web browsers have a built-in FTP client for accessing FTP servers Many dedicated FTP clients enable the operator to enter commands directly from the FTP command prompt; other clients use a graphical environment Setting up NetWare FTP Server requires installing the FTP software on the NetWare 6 server and then configuring the software to provide access to the content directories Installing and Configuring Web Services

17 17

18 18 Working with NetWare FTP Server (cont.): After FTP Server is up and running, any FTP client can be used to log in to the FTP server and transfer files To enable FTP Server logging, enter your server URL and click your server name under the NetWare Enterprise Web Server heading to log in, click the Log Settings link in the left-hand column You can configure FTP security by clicking the Security link in the Server Preferences window Installing and Configuring Web Services

19 19

20 20

21 21 Working with NetWare FTP Server (cont.): Additional features of FTP Server include: multiple instances of FTP Server software; FTP access restrictions; intruder detection; remote server access; special Quote Site commands; firewall support; active sessions display; Namespace support; Simple Network Management Protocol (SNMP) error-reporting service; welcome banner and message file support; NetWare Web Manager management; Cluster Services support Installing and Configuring Web Services

22 22 Public key cryptography: Is a security system that authenticates users and organizations to ensure that they are who they say they are and encrypts data transmissions to prevent information from being intercepted Public key cryptography uses mathematically related sets of digital codes called key pairs, which consists of a public and private key that is unique to a person, an application, or an organization To create a digital signature, cryptography software mathematically links the data being signed with the sender’s private key Working with Certificate Services

23 23

24 24

25 25 Public key cryptography: The Certificate Authority (CA) service was developed to mediate the exchange of public keys In this service, the public key cryptography software running on an entity creates a public and private key pair. To get the public key authorized, an entity must send its public key and other identification data to a CA. The CA validates the owner’s key pair by creating a certificate containing the owner’s public key along with the CA’s digital signature Working with Certificate Services

26 26

27 27 Novell Certificate Server: Integrates public key cryptography services into eDirectory and enables administrators to create, issue, and manage user and server certificates It helps meet the challenges of public key cryptography in these ways: creating an organizational CA in the eDirectory tree; storing key pairs in the eDirectory tree to provide security; allowing centralized management of public key certificates through ConsoleOne snap-ins; supporting common e-mail clients and browsers Working with Certificate Services

28 28 Making Net Services and information available on the Internet exposes the network to potential electronic attacks Although public key cryptography secures data through encryption and identifies entities with digital signatures, it does not prevent outside hackers from gaining unauthorized system access Common hacker attacks categories: intrusion, social engineering, spoofing, virus attacks, denial-of-service attacks, and information theft Securing Net Services

29 29 Internal security involves placing NetWare servers in secure locations and making sure you have adequate password policies In addition, consider these network protection precautions: ensure that server rooms are locked at all times; workstations should not be visible from behind the user; keep wiring closets locked and restrict their access; provide extra security by using the console screen saver and SECURE CONSOLE commands; review file system and eDirectory security to ensure that users have only the rights they need to perform their tasks Securing Net Services

30 30 How to avoid common internal security violations: Ensure passwords are safe and secure, especially the administrator’s - intruder detection helps here Ensure that user accounts are not assigned unauthorized rights - a tool such as Novell Advanced Audit Service and tools from BindView Solutions help here Ensure that there are no rogue Admin accounts that have the Supervisor right to the eDirectory tree Securing Net Services

31 31 Firewall external security: Computer firewalls control access between the company’s private network and an untrusted external entity on the internet Firewalls consist of software that run on a server and can be configured in the following ways: control the type of traffic permitted between the internal private network and the Internet; keep log files of information about external traffic; provide a central point that all network traffic must pass through; and permit only selected services to access the network Securing Net Services

32 32 Protection against virus attacks: Viruses are often embedded in other programs or e-mail attachments, and are activated by running the program or opening the e-mail attachment Viruses are classified based on how they infect: boot sector viruses attack the boot records or file allocation tables; file viruses attack executable programs; macro viruses attack programs that run macros; stealth viruses disguise themselves to make it difficult for anti-virus software to detect them; worms are independent programs that copy themselves to other computers over a network Securing Net Services

33 33 Protection against virus attacks (cont.): Virus protection on a network involves: installing a virus protection system; making regular backups; and training users on how to reduce the risk of virus attacks Virus removal planning involves these steps: isolate all infected systems and floppy diskettes; locate the clean floppy disk formatted with a boot system created earlier with the anti-virus software; use the boot disk to start and clean all infected computers; restart the system and create a system backup; scan the network drives for infection Securing Net Services

34 34 Defense against denial-of-service attacks Denial-of-service attacks are usually caused by flooding the server with packets or sending oversized packets to a server, making it crash A properly configured firewall and software designed for Net Services security are the best defenses against these attacks Securing Net Services

35 35

36 36 Chapter Summary An essential part of Novell’s strategy for the future is to provide Internet services that enable clients and servers using diverse operating systems to be managed and accessed as one network. To do this, Novell has developed Net Services, which includes iFolder, NetStorage, iManager, iPrint, and iMonitor. Because Net Services is written to run on top of the open-source Apache Web Server, the services can be implemented on other network operating systems, such as Windows 2000/XP, Windows NT and Linux

37 37 Chapter Summary NetWare Web Services include Enterprise Web Server and FTP Server, which can be installed and customized to supply information and Web pages to the Internet and local intranet. The NetWare Web Manager portal is used to configure and manage both Enterprise Web Server and FTP Server. Typical Web server management tasks include specifying the primary document directory, creating virtual Web sites, setting document preferences, and specifying public and restricted access to Web content. FTP configuration tasks include setting the default FTP directory, providing anonymous access, and restricting user access to the FTP server

38 38 Chapter Summary Using public key cryptography to encrypt data transmission and provide authentication with digital signatures is a vital component of securing information transmission on the Internet. Public key cryptography uses public and private keys to create digital signatures and encrypt and decrypt data transmissions. Clients use the public key to encrypt data, which can be decrypted only by the public key owner’s private key Certificate Authorities (CAs) issue public key certificates for verifying that the public key belongs to the entity distributing it

39 39 Chapter Summary Internet security involves protecting Web and Net Services from threats such as theft, hacking, and computer viruses. An Internet security plan should include a firewall to isolate the internal network from the outside Internet and implement a virus protection and data recovery plan. Firewalls should be configured to detect denial- of-service attacks, such as the ping of death, SYN packet flooding, oversized UDP packets, teardrop attacks, and land attacks

Download ppt "1 Guide to Novell NetWare 6.0 Network Administration Chapter 14."

Similar presentations

Computer networks Fundamentals of Information Technology Session 6.

Computer networks Fundamentals of Information Technology Session 6.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
Chapter 12 Network Security.

Chapter 12 Network Security.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.

ITS Offsite Workshop 2002 PolyU IT Security Policy PolyU IT/Computer Systems Security Policy (SSP) By Ken Chung Senior Computing Officer Information Technology.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.

Guide to Operating System Security Chapter 2 Viruses, Worms, and Malicious Software.
Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Virtual Private Network (VPN) © N. Ganesan, Ph.D..

Similar presentations

Ads by Google