Intranets are increasingly being used to support real-time information, such as live audio and video feeds, over the network. These multimedia feeds are sent to all subscribers in a subnetwork, creating increased multicast traffic and impeding network performance by consuming ever-greater amounts of bandwidth.
Intelligent multicast control provided by intranet switches helps organizations conserve network bandwidth by eliminating the propagation of multicast traffic to all end stations in a subnetwork. The intranet switches monitor multicast requests and forward multicast frames only to the ports hosting members of a multicast group.
Most enterprise networks use multiple protocols. Intranets are IP-based, requiring IP on all intranet access systems throughout the network. To ease IP integration, intranet switching supports protocol-sensitive VLANs, which allows the addition of IP without changing the logical network structure for other protocols.
By combining IP and ATM routing through I-PNNI signaling, network management is simplified because only one protocol is managed rather than two. Providing this unified view of the network by implementing a single protocol leads to better path selection and improved network performance.
To accommodate intranet traffic demands, increased switching capabilities must be added to both the edge of the network and to the backbone network. Many organizations are using intranets for mission-critical applications, so the backbone technology must deliver superior performance, scalability, and a high degree of resiliency. For these reasons, ATM may be the optimal choice for the core technology for intranet switches.
As today's networks assimilate additional services originally developed for the global Internet, they are gaining new flexibility in the ways they provide access to computing resources and information. Network operating systems make greater information sharing easier to accomplish by providing integral access to intranet resources such as Web servers, FTP servers, and WAN connections to the Internet. Novell Inc.'s IntranetWare offering, which is built on the NetWare network operating system, provides both IP and IPX access to intranet resources, for example.
IntranetWare incorporates all of the networking services of NetWare 4.11, such as NDS, SMP, and core file and print services, with new intranet and Internet capabilities. These solutions include a high-performance NetWare Web Server 2.5, FTP services (the Internet-standard method for allowing users to download files on remote servers via the Internet), Netscape Navigator, an IPX-to-IP gateway to provide IPX users with access to all IP resources (including World Wide Web pages), and integrated wide-area routing to connect geographically dispersed LANs to a corporate intranet or to the greater Internet.
At the heart of IntranetWare's management is NDS, which allows administrators to manage a network from any workstation and provides sophisticated access controls for all the resources on the intranet. With the centralized administration enabled by NDS, organizations can contain management and administration expenses, which are the primary costs of operating a network.
IntranetWare also qualifies for C2 network security certification, enabling the complete network server, client, and connecting media to be completely secure.
IntranetWare's routing capabilities let corporations extend their intranets to branch offices and connect to the Internet via ISDN, frame relay, ATM, or leased-line connections. Add-on software from Novell allows mainframe and midrange computers to become a part of the corporate intranet.
IntranetWare provides comprehensive client support for DOS, Windows, Windows 95, Windows NT, Macintosh, OS/2, and UNIX workstations.
A firewall is server software that protects TCP/IP networks from unwanted external access to corporate resources. With a firewall, companies can connect their private TCP/IP networks to the global Internet or to other external TCP/IP networks and be assured that unauthorized users cannot obtain access to systems or files on their private network. Firewalls can also work in the opposite direction by controlling internal access to external services that are deemed inappropriate to accomplishing the company's business.
Firewalls come in three types: packet filters, circuit-level gateways, and application gateways. Some firewall products combine all three into one firewall server, offering organizations more flexibility in meeting their security needs.
With packet filtering, all IP packets traveling between the internal network and the external network must pass through the firewall. User-definable rules allow or disallow packets to be passed. The firewall's GUI allows systems administrators to implement packet filter rules easily and accurately.
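The rule evaluation described above can be sketched as follows. This is an added example, not code from any firewall product; the first-match ordering, the default-deny fallback, the 10.0.0.0/8 internal network, and all rule and packet values are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    direction: str   # "in" = arriving from the external network, "out" = leaving
    src: str         # source CIDR
    dst: str         # destination CIDR
    proto: str       # "tcp", "udp" or "any"
    ports: tuple     # (low, high) destination port range, inclusive

@dataclass(frozen=True)
class Packet:
    direction: str
    src: str
    dst: str
    proto: str
    dport: int

ANY, ALL = "0.0.0.0/0", (0, 65535)
LAN = "10.0.0.0/8"   # constructed internal network (assumption)

# Constructed rule set; order matters because the first matching rule decides.
RULES = [
    Rule("deny",  "in",  LAN, ANY, "any", ALL),                  # internal source seen from outside: spoofed
    Rule("allow", "out", LAN, ANY, "tcp", (80, 80)),             # outgoing WWW
    Rule("allow", "out", LAN, ANY, "tcp", (21, 21)),             # outgoing FTP control
    Rule("allow", "out", LAN, ANY, "tcp", (23, 23)),             # outgoing Telnet
    Rule("allow", "in",  ANY, "10.0.0.25/32", "tcp", (25, 25)),  # inbound mail to one server
]

def matches(rule, pkt):
    """True when every field of the rule covers the packet."""
    return (rule.direction == pkt.direction
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.proto in ("any", pkt.proto)
            and rule.ports[0] <= pkt.dport <= rule.ports[1])

def filter_packet(pkt, rules=RULES):
    """Return (action, index of the deciding rule); index is None for the default."""
    for i, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, i
    return "deny", None  # no rule matched: default deny

if __name__ == "__main__":
    spoofed = Packet("in", "10.9.9.9", "10.0.0.25", "tcp", 25)
    print(filter_packet(spoofed))  # rule 0 wins although the mail rule also matches
```

The filter is stateless: it judges each packet on its own, so reply traffic for an allowed outgoing connection would need rules of its own.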
All of the firewall's incoming and outgoing connections are circuit-level connections that are made automatically and transparently. The firewall can be configured to permit a variety of outgoing connections such as Telnet, FTP, WWW, Gopher, America Online, and user-defined applications such as mail and news. Incoming circuit-level connections include Telnet and FTP. Incoming connections are only permitted with authenticated inbound access using one-time password tokens.
Some firewalls include support for several standard application servers, including mail, news, WWW, FTP, and DNS. Security is enhanced by compartmentalizing these applications from other firewall software, so that if an individual server is under attack, other servers/functions are not affected.
To aid security, firewalls offer logging capabilities as well as alarms that are activated when probing is detected. Log files are kept for all connection requests and server activity. The files can be viewed from the console, which displays the most recent entries. The log scrolls in real time as new entries come in. The log files include: