Presentation is loading. Please wait.

Presentation is loading. Please wait.

Unicenter Desktop & Server Management Network Challenges -Latest Revision 11/28/2005.

Published byBlanche Collins Modified over 9 years ago

Similar presentations

Presentation on theme: "Unicenter Desktop & Server Management Network Challenges -Latest Revision 11/28/2005."— Presentation transcript:

1 Unicenter Desktop & Server Management Network Challenges -Latest Revision 11/28/2005

2 Network Challenges © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

3 3 Network Challenges Overcoming network topology issues has been simplified with DSM r11. Remote SiteLocal LANDMZ

4 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 4 Communication Types Basically, there are only two types of communication…

5 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 5 Component to DB Component to database via the default or configured database port… Database Communication Ingres (Ingres/Net 19016 & 19017, JDBC 19023) Microsoft SQL Server (Default 1433)

6 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 6 Component to Component …and component to component via default or configured CAM and multiplexer ports. Inter-Component Communications CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728)

7 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 7 Domain Management Component Overview Inter-Component Communications CAM (UDP 4104, TCP 4105) DSM Multiplexer(4728) Database Communication Ingres (Ingres/Net 19016 & 19017, JDBC 19023) Microsoft SQL Server (Default 1433) Ports shown are for default installation of database and components. Always refer to “Ports Used by Unicenter DSM” in the DSM “Implementation Guide” for more detailed, most accurate information.Implementation Guide

8 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 8 Required Ports “Opening” required ports (a.k.a. “connectivity” ) is only half the battle, however. Remote SiteLocal LANDMZ

9 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 9 Firewall and NAT Firewalls not only block port communication but also conceal the identity of the resources they protect using Network Address Translation (NAT). Remote Site Local LAN DMZ

10 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 10 Keep Target System “Visible” Not only must access rules allow connectivity to the target system but the target system must be “visible” from the system initiating the communication. Remote Site Local LAN DMZ

11 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 11 Visibility Example “Visible” does not necessarily mean the IP address for the target can be resolved and reached by the source system directly.

12 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 12 Visibility Example Domain Manager may not be able to resolve or reach the IP address of the Scalability Server directly. But, if Domain Manager knows to transmit data to the “edge” device public IP (the firewall) at the remote site (likely through a DNS entry)…

13 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 13 Visibility Example … and the “edge” device is configured to route certain traffic (e.g., CAM) to the private address of the Scalability Server…

14 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 14 Visibility Example … and CAM on the Scalability understands the traffic is destined for it, required communications can flow.

15 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 15 Common Visibility Issues Attempt to resolve “visibility” issues before becoming concerned with establishing connectivity (“opening ports”). -Common Issues: -Target identifiers not unique -Target identifiers cannot be resolved -Target identifiers change without notice

16 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 16 VPN Visibility Issues VPN is common proposed as a solution for overcoming connectivity and visibility issues. VPN can be used to address connectivity issues by virtually eliminating the firewall from the equation. However, dependent on the type of VPN deployed and configuration, it may introduce a visibility issue.

17 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 17 CAM Configuration and Troubleshooting DSM communication in r11 is highly dependent upon CAM. It highly likely in complex network environments that the “out of the box” configuration will need to be modified.

18 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 18 CAM Configuration and Troubleshooting Local copy of the latest version of the “CAM Admin Guide” has been provided and is also available online at http://devnews/CAM/main. htm?current=documentatio n.CAM Admin Guide http://devnews/CAM/main. htm?current=documentatio n

19 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 19 Limited Number of Challenges Given the interaction of DSM components and basic architectural design principles the number of challenges is fairly limited.

20 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 20 Domain Level Challenges Since Engines should be electronically close to the MDB, the principle challenge at the Domain level will be Domain Manager communication to/from the Scalability Server.

21 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 21 Resolution: Scalability Server Since Domain Manager communication to/from the Scalability Server requires only CAM and multiplexer connectivity, it is a matter of... - Ensuring the Scalability Server host is “visible” from the Domain Manager and vice versa. - Connectivity is possible by ensuring communications via the default/configured CAM and multiplexer ports and protocol is not blocked.

22 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 22 Resolution: DSM Explorer At the Domain level, the DSM Explorer must communicate with the Domain Manager via CAM and the multiplexer port. Since it is conceivable that not all instances will be installed on the same LAN... - Ensure the Domain Manager host is “visible”. - Ensure Connectivity is possible via the default or configured and multiplexer CAM ports and that protocol is not blocked.

23 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 23 Resolution: Reporter At the Domain level the Reporter must communicate with the Domain Manager via CAM and with the MDB via the database port. It is possible that not all instances will be installed on the same LAN... -Ensure the Domain Manager host is “visible”. -Ensure the MDB host is “visible”. -Ensure Connectivity is possible via the default/configured CAM port(s) and protocol is not blocked. -Ensure connectivity is possible via the default/configured database port.

24 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 24 Enterprise Architecture Challenge In an Enterprise architecture, the Enterprise Manager must be able to communicate with Domain Managers to link Domains and assign the replication task to a Domain Engine. -Ensure the Domain Manager host is “visible”. -Ensure Connectivity is possible via the default/configured CAM and multiplexer ports and protocol is not blocked to the Enterprise Manager.

25 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 25 Domain Engine In an Enterprise architecture, the Domain Engine assigned the replication task must be able to initiate communications with the Enterprise Manager via CAM to obtain connection information for the Enterprise MDB. -Ensure the Enterprise Manager host is “visible”. -Ensure the default/configured CAM port(s) are not blocked to the Enterprise host.

26 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 26. Domain Engine to Enterprise MDB Also in an Enterprise architecture, the Domain Engine assigned the replication task must be able to access with the Enterprise MDB. -Ensure the Enterprise MDB host is “visible”. -Ensure connectivity via the default/configured database port can be established to the Enterprise MDB

27 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 27 DSM Explorer to Enterprise Manager At the Enterprise level, the DSM Explorer must communicate with the Enterprise Manager and each linked Domain Manager via CAM. Since it is conceivable that not all instances will be installed on the same LAN... -Ensure the Enterprise Manager host and linked Domain Manager hosts are “visible”. -Ensure Connectivity is possible via the default/configured CAM port(s) and protocol is not blocked.

28 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 28 Reporter to Domain Manager Reporter at the Enterprise level must communicate with the linked Domain Managers via CAM. -Ensure the linked Domain Manager hosts are “visible”. -Ensure connectivity is possible via the default/configured CAM port(s) and protocol is not blocked to the linked Domain Managers.

29 © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies. 29 Reporter to Domain MDB Reporter at the Enterprise level must be able to access linked Domain MDBs via the database port. -Ensure the Domain MDB host is “visible”. -Ensure connectivity is possible via the default/configured database port to the Enterprise MDB.

30 Questions? © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced herein belong to their respective companies.

Download ppt "Unicenter Desktop & Server Management Network Challenges -Latest Revision 11/28/2005."

Similar presentations

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.

Module 13: Implementing ISA Server 2004 Enterprise Edition: Site-to-Site VPN Scenario.
The following 10 questions test your knowledge of Internet-based client management in Configuration Manager 2007. Configuration Manager 2007 Internet-Based.

The following 10 questions test your knowledge of Internet-based client management in Configuration Manager Configuration Manager 2007 Internet-Based.
The CA MDB Revised May 16 2006. © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced.

The CA MDB Revised May © 2005 Computer Associates International, Inc. (CA). All trademarks, trade names, services marks and logos referenced.
Understanding Internet Protocol

Understanding Internet Protocol
Unicenter Desktop and Server Management Architectural Options -Latest Revision 10/27/05.

Unicenter Desktop and Server Management Architectural Options -Latest Revision 10/27/05.
Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.

Building Your Own Firewall Chapter 10. Learning Objectives List and define the two categories of firewalls Explain why desktop firewalls are used Explain.
© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets with Internet Applications, 4e By Douglas.

© 2007 Pearson Education Inc., Upper Saddle River, NJ. All rights reserved.1 Computer Networks and Internets with Internet Applications, 4e By Douglas.
MCDST 70-271: Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.

MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 14: Troubleshooting Remote Connections.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.

Understanding Networks. Objectives Compare client and network operating systems Learn about local area network technologies, including Ethernet, Token.
Unicenter Desktop & Server Management Scaling Options - SQL -Latest Revision June 29 2006 -Read the notes pages.

Unicenter Desktop & Server Management Scaling Options - SQL -Latest Revision June Read the notes pages.
Lesson 1: Configuring Network Load Balancing

Lesson 1: Configuring Network Load Balancing
Lesson 19: Configuring Windows Firewall

Lesson 19: Configuring Windows Firewall
Unicenter NSM r11 Windows -SNMP Polling Analysis.

Unicenter NSM r11 Windows -SNMP Polling Analysis.
MDB Install Overview for Federated and Shared MDBs Revised June 19, 2006.

MDB Install Overview for Federated and Shared MDBs Revised June 19, 2006.
Understanding Active Directory

Understanding Active Directory
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 10: Remote Access.
Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.

Chapter 8 PIX Firewall. Adaptive Security Algorithm (ASA)  Used by Cisco PIX Firewall  Keeps track of connections originating from the protected inside.
Highly Available Unicenter Solutions -A High Level Summary Draft – Last Revised June 9, 2006.

Highly Available Unicenter Solutions -A High Level Summary Draft – Last Revised June 9, 2006.
Best Practices for Implementing Unicenter Service Desk r11.x in an HA MSCS Environment - Part 3: HA Primary Server Revised January 02, 2009 Although this.

Best Practices for Implementing Unicenter Service Desk r11.x in an HA MSCS Environment - Part 3: HA Primary Server Revised January 02, 2009 Although this.

Similar presentations

Ads by Google