Apple Mac OS X Server Installationsanleitung Seite 53
- Seite / 197
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Chapter 4 Enhancing Security 53
This allows an organization to provide services to the external network while
protecting the internal network from being compromised by a host in the DMZ. If
someone compromises a DMZ host, he or she cannot connect to the internal network.
The DMZ is often used to connect servers that need to be accessible from the external
network or Internet, such as mail, web, and DNS servers.
Connections from the external network to the DMZ are often controlled using rewalls
and address translation.
You can create a DMZ by conguring your rewall. Each network is connected to a
dierent port on the rewall, called a three-legged rewall setup. This is simple to
implement but creates a single point of failure.
Another approach is to use two rewalls with the DMZ in the middle, connected to
both rewalls, and with one rewall connected to the internal network and the other
to the external network. This is called a screened-subnet rewall.
This setup provides protection in case of rewall misconguration, allowing access
from the external network to the internal network.
VLANs
Mac OS X Server provides 802.1q Virtual Local Area Network (VLAN) support on the
Ethernet ports and secondary PCI gigabit Ethernet cards available or included with
Xserves.
VLAN allows multiple computers on dierent physical LANs to communicate with
each other as if they were on the same LAN. Benets include more ecient network
bandwidth utilization and greater security, because broadcast or multicast trac is
only sent to computers on the common network segment. Xserve VLAN support
conforms to the IEEE 802.1q standard.
MAC Filtering
MAC ltering (or layer 2 address ltering) refers to a security access control where a
network interface’s MAC address, or Ethernet address (the 42-bit address assigned to
each network interface), is used to determine access to the network.
MAC addresses are unique to each card, so using MAC ltering on a network permits
and denies network access to specic devices, rather than to specic users or network
trac types. Individual users are not identied by a MAC address, only a device, so an
authorized person must have an allowed list of devices that he or she would use to
access the network.
- Mac OS X Server 1
- Contents 3
- 4 Contents 4
- Contents 5 5
- 6 Contents 6
- Contents 7 7
- 8 Contents 8
- 191 Index 9
- 10 Contents 10
- About This Guide 11
- Using Onscreen Help 12
- Document Road Map 13
- Viewing PDF Guides Onscreen 14
- Printing PDF Guides 14
- Getting Documentation Updates 15
- Standards 16
- What’s New in Server Admin 18
- Supported Standards 20
- Planning Server Usage 24
- Setting Up a Planning Team 25
- Identifying Servers to Set Up 26
- Dening a Migration Strategy 28
- Migrating from Windows 28
- Understanding Backup Types 33
- Understanding Restores 34
- Administration Tools 38
- Server Admin Interface 39
- Server Assistant 41
- Server Preferences 42
- Workgroup Manager 42
- Workgroup Manager Interface 43
- Server Monitor 44
- System Image Management 47
- Media Streaming Management 47
- Command-Line Tools 48
- Server Status Widget 48
- RAID Admin 48
- Xgrid Admin 49
- Apple Remote Desktop 50
- Enhancing Security 51
- About Network Security 52
- MAC Filtering 53
- Transport Encryption 54
- Payload Encryption 54
- About File Security 55
- Secure Delete 56
- Single Sign-On 58
- Public and Private Keys 59
- Certicates 60
- About Identities 61
- About Self-Signed Certicates 61
- About Intermediate Trust 61
- Readying Certicates 64
- Managing Certicates 69
- Deleting a Certicate 70
- Using Certicates 71
- SSH and SSH Keys 72
- Administration Level Security 74
- Service Level Security 75
- Security Best Practices 76
- Password Guidelines 77
- Creating Complex Passwords 78
- Installation and Deployment 79
- Setting Up Network Services 82
- About the Server Install Disc 82
- Before Starting Up 84
- Destination 91
- Choosing a File System 93
- JournaledHFS+ DataStore 50% 96
- Installer application 100
- Terminal application 100
- Administrator computer 101
- Subnet 1 101
- Subnet 2 101
- # Method 1 103
- --setBoot 103
- Software 104
- Installing Multiple Servers 106
- How to Keep Current 107
- Initial Server Setup 108
- Â Import Users and Groups 111
- Â Congure Manually 111
- Using Automatic Server Setup 115
- Handling Setup Errors 121
- Setting Up Services 122
- Setting Up Open Directory 123
- Setting Up User Management 123
- Setting Up All Other Services 123
- Ongoing System Management 124
- Mac OS X Servers 125
- Mac OS X 125
- Ports Used for Administration 127
- Ports Open By Default 127
- Server Admin Basics 128
- Grouping Servers Manually 129
- Identity 132
- Infrastructure Services 133
- Wiki Services 136
- Services 137
- Collaboration Services 139
- Producer 141
- Administering Services 145
- Managing Sharing 148
- Workgroup Manager Basics 150
- Administering Accounts 151
- Dening Managed Preferences 153
- Working with Directory Data 154
- Using Backup Power 161
- Link Aggregation 163
- Link Aggregation Scenarios 164
- Load Balancing 168
- Daemon Overview 169
- Load and unload daemons  170
- Set environment settings  170
- Monitoring Your System 171
- Using Server Monitor 172
- Using Disk Monitoring Tools 173
- Setting Up a Core Dump Server 178
- Setting Up a Core Dump Client 179
- Enabling SNMP reporting 181
- Conguring snmpd 181
- /usr/bin/snmpconf -i 182
- /usr/sbin/snmpd 182
- Tools to Use with SNMP 183
- Open Directory Logging 186
- Additional Monitoring Aids 187
- Push Notication Server 188
- # on the notification server 189
- 192 Index 192
- Index 193 193
- 19 4 Index 194
- Index 195 195
- 19 6 Index 196
- Index 197 197
Verwandte Produkte und Handbücher für PC / Workstation Barebones Apple Mac OS X Server
(60 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 2.381 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern