
Choose network operating system

2765.doc: © State of New South Wales, Department of Education and Training, 2006 1

Developed by the Centre for Learning Innovation (CLI) for the TAFE Online Project, TAFE NSW

Overview

You should already know about choosing a server application. This resource will help you to choose a network operating system within an information technology environment.

In this topic you will learn how to:

identify the network operating system features with reference to required server solution

research available network operating systems based on technical specifications, capability and requirements

analyse the most suitable network operating system with reference to identified requirements and current and projected needs

choose the most suitable network operating system based on technical and business requirements.

This topic contains:

reading notes

activities

references

topic quiz.

As you work through the reading notes you will be directed to activities that will help you practise what you are learning. The topic also includes references to aid further learning and a topic quiz to check your understanding.

Reading notes

What is a network operating system?

A network operating system (NOS) is the software that connects all devices on a network. It allows the sharing of resources and provides access to network services. A network operating system is a management tool that handles the administration of all network functions. There are two parts to a network operating system in a client server environment: the server operating system and the client operating system.

Server network operating system

The server network operating system must be compatible with the client network operating system to access resources and services. There are many server network operating systems; common ones are Microsoft Windows, Linux, Sun Solaris, UNIX and Apple Macintosh OS. Network operating systems are the backbone of the client/server architecture. Some of the resources and services a NOS provides are:

central management of network resources like file sharing, access to devices such as printers, storage and retrieval of data, and access to applications

security via restricting access to the network through rights and permissions

remote access allowing users who are geographically dispersed to connect to local services and resources seamlessly

management of backup and recovery

access to other networks and the Internet

monitoring the performance of servers and other network devices

providing update and patching facilities.

There are many more features provided by a network operating system that are not mentioned. In the next section we will look at the most common network operating systems and review some of the features of each. Network operating systems are evolving all the time, and improvements and new features are added with every new release.

Common features of a network operating system

There are many network operating systems in today’s marketplace. Each operating system has many features - too many to list here. Instead we will look at some of the most common features shared by operating systems.

Security

Security features are important in protecting organisational information. The Privacy Act enforces controls on who has access to personal information. Fines or imprisonment can be applied to individuals or groups for not protecting personal information. The defence-in-depth model implements security at all layers of the client/server architecture. Certain operating features are needed to implement a defence-in-depth model, including:

firewalls to safeguard network boundaries

encryption to protect stored data and data transmissions

authentication to stop unauthorised access to resources (multiple levels of authentication: operating system, applications, etc.).

Firewalls

Firewalls are important in stopping unwanted network traffic breaching the network perimeter or entering the server. It is very important that servers exposed to the Internet such as a gateway server, email server, web server or remote access server have sufficient protection. Any server that is exposed to outside networks needs to be placed in a separate network segment sometimes called a demilitarised zone (DMZ). A DMZ is not part of the internal network or part of the Internet; it sits between the internal network and the Internet to provide access to server resources. Windows, Linux, Solaris and Macintosh operating systems all provide firewalls.

The most common type of operating system firewall is the IP packet filtering firewall. An IP packet filtering firewall allows or denies TCP/IP packets entering the server based on IP address, port number and protocol.
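The following added example (not part of the original course material) models how an IP packet filter decides: rules are checked in order against source address, destination address, protocol and destination port, the first match wins, and anything unmatched is denied. It also checks a ruleset for rules that can never take effect because an earlier rule covers them. The addresses, the management subnet and the rulesets are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    src: str                        # source IP address
    dst: str                        # destination IP address
    protocol: str                   # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None  # None for protocols without ports


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    protocol: str                   # "tcp", "udp", "icmp" or "any"
    src_net: str                    # source network in CIDR notation
    dst_net: str                    # destination network in CIDR notation
    dst_port: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        if self.protocol not in ("any", pkt.protocol):
            return False
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src_net):
            return False
        if ipaddress.ip_address(pkt.dst) not in ipaddress.ip_network(self.dst_net):
            return False
        return self.dst_port is None or self.dst_port == pkt.dst_port


def filter_packet(rules: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """First matching rule wins; a packet that matches nothing is denied."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


def shadowed_rules(rules: List[Rule]) -> List[Tuple[int, int]]:
    """Return (rule, earlier_rule) pairs where the earlier rule already matches
    every packet the later one could, so the later rule never takes effect."""
    found = []
    for later_idx, later in enumerate(rules):
        for earlier_idx, earlier in enumerate(rules[:later_idx]):
            covers = (
                earlier.protocol in ("any", later.protocol)
                and ipaddress.ip_network(later.src_net).subnet_of(
                    ipaddress.ip_network(earlier.src_net))
                and ipaddress.ip_network(later.dst_net).subnet_of(
                    ipaddress.ip_network(earlier.dst_net))
                and earlier.dst_port in (None, later.dst_port)
            )
            if covers:
                found.append((later_idx, earlier_idx))
                break
    return found


# Constructed sample values (documentation and private address ranges).
ANY = "0.0.0.0/0"
WEB = "203.0.113.10/32"    # hypothetical web server in the DMZ
MGMT = "192.168.10.0/24"   # hypothetical internal management subnet

DMZ_RULES = [
    Rule("allow", "tcp", ANY, WEB, 80),    # HTTP from anywhere
    Rule("allow", "tcp", ANY, WEB, 443),   # HTTPS from anywhere
    Rule("allow", "tcp", MGMT, WEB, 22),   # SSH only from the management subnet
]

# Mis-ordered variant: the broad deny is evaluated first, so HTTPS never gets in.
MISORDERED_RULES = [
    Rule("deny", "tcp", ANY, WEB),
    Rule("allow", "tcp", ANY, WEB, 443),
]

if __name__ == "__main__":
    samples = [
        Packet("198.51.100.7", "203.0.113.10", "tcp", 443),
        Packet("198.51.100.7", "203.0.113.10", "tcp", 22),
        Packet("192.168.10.25", "203.0.113.10", "tcp", 22),
        Packet("198.51.100.7", "203.0.113.10", "udp", 53),
    ]
    for pkt in samples:
        print(pkt, "->", filter_packet(DMZ_RULES, pkt))
    print("shadowed:", shadowed_rules(MISORDERED_RULES))
```

The default deny at the end of `filter_packet` is what keeps a server in the DMZ closed to everything the ruleset does not explicitly list.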

For further information about firewalls, you may choose to explore the following: http://www.tech-faq.com/firewall.shtml and http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=/rzatj/packetff.htm (go to iSeries Information Center>Service and support>Set up a connection to IBM>IP Packet Filter Firewall).

Figure 1: De-militarised zone (DMZ), Local area network (LAN) and Internet service provider (ISP)

Encryption

Encryption is the process of converting data that is easily readable into a form that is not easily readable. Encryption uses algorithms to scramble data before being stored on disk drives or sent over a network. The data needs to be unscrambled or decrypted before it can be read. The most popular form of encryption weaves a key into the original data’s bits. Key encryption can be separated into two categories: private key and public key encryption. For more information on public and private key encryption, see the resources at the end of the topic.

Once data has been encrypted it is known as ciphertext. The only way the ciphertext can be decrypted is to use the corresponding key. The longer the key (in bits), the harder the ciphertext is to decrypt. A key that is 8 bits long has 256 possibilities (since ). A key that is 16 bits long has 65,536 possibilities, and a key that is 56 bits long has 72,057,594,000,000,000 possibilities. Common encryption key strengths are 56, 128, 160, 192, 256 bits. For the foreseeable future, any encryption key that is 128 bits or over is virtually unbreakable by using the brute force method.

Image: The word Encryption with an arrow pointing to large box labelled encryptor, with a string of random numbers followed by an arrow pointing out of encryptor

Figure 2: Encryption process

Encryption is used in the storage and transmission of data by a NOS. Data stored on a disk is encrypted as it is being written, and decrypted when it is being read. This increases the size of the file and the speed of reading and writing.

Linux is a flexible NOS that supports many file systems such as ext3, ReiserFS, NFS and FAT. Earlier versions of Linux (6.1 and below) do not support native encryption of files, so you will need to use a third-party product to encrypt data. Linux versions 6.2 use Cryptoloop to enable file encryption.

For more information about ext3, enter the key terms “Redhat linux file system” into an Internet search engine such as Google.

NTFS5 is the latest file system used by Microsoft Windows. NTFS supports encryption of data natively. Sun Solaris is able to use multiple file systems including the UNIX File System (UFS), Network File System (NFS) and Solaris ZFS. There are plans at Sun for Solaris ZFS to support file encryption in the near future. Apple Mac’s server supports file encryption by using the Mac FileVault tool to encrypt drives.

Data can easily be intercepted in a number of ways, so it is important to be able to encrypt data before transmission. There are many protocols used to encrypt data, and each protocol has a specific purpose. Secure Sockets Layer (SSL) is used to encrypt TCP/IP transmissions like webpages or web forms between the client and the server. SSL utilises public key encryption technology to ensure safe transmission of data. Other important encryption protocols that the NOS needs to support are:

Secure Shell (SSH)

Internet Protocol Security (IPSec)

Wi-Fi Protected Access (WPA).

Image: locked padlock with HTTPS text on it

Figure 3: HTTPS padlock

Authentication

Authentication is the process of verifying the identity of a client/server and determining what that client/server is allowed to access. Kerberos is an example of an authentication protocol. Kerberos provides a central authentication service that grants access tickets to authorised client/servers wanting to access network resources. RADIUS (Remote Authentication Dial In User Service) is another authentication protocol used in the authentication and authorisation of dial-in users. Other important authentication protocols are:

Password Authentication Protocol (PAP)

Extensible Authentication Protocol (EAP)

Lightweight Directory Access Protocol (LDAP).

Network

There are numerous networking features and services a server will need to provide depending on the role that server will be performing. Important features to review when selecting the NOS are outlined below.

Cross platform support

When considering cross platform support, you’ll need to answer some key questions including

Does the NOS support other operating systems?

Can the NOS provide access to data, applications and services to other operating systems located within and outside the local area network?

Which local area network and wide area network protocols are supported?

If you are running a combination of operating systems on your network, it is important that the server will be able to communicate with all clients. Common local area network protocols are TCP/IP, IPX/SPX and AppleTalk.

Routing and remote access

If the server is connecting users and networks that are not part of the local area network to local services it will need to support routing and remote access.

Remote access allows users who are geographically dispersed to dial in to the network to access resources. It uses modems and the public telephone service to service the connection. Once connected, a user is likely to utilise the Remote Desktop Protocol (RDP), which is a terminal services protocol that allows a user to access applications or data stored on a remote computer. A Virtual Private Network (VPN) provides a way of remote access by using the Internet.

Routing is the process of forwarding network packets from one network to another. It provides the ability to connect remote or dissimilar networks to a local area network segment. There are many protocols a server will need to use when providing network services, including:

DNS

DHCP

WINS

FTP

SSL.

Monitoring, Maintenance and Recovery

It is important to be able to monitor how well the server is performing. A server has a limited number of resources that must be available to all clients, so it’s important that the available resources are being used wisely. Performance tools are needed to measure the use of server resources. By gathering data on each area of resource (such as memory or processing) the server can be configured to increase performance. An example of a monitoring tool can be found in Microsoft’s Windows 2003 operating system. Windows 2003 provides a performance monitor that can measure the activity (i.e. performance of memory, CPU, disk and network activity, etc.) of any Windows-based computer on the network.

Image: Microsoft performance monitor is shown tracking the performance of memory, physical disk, processor and network interface using a line graph.

Figure 4: Performance monitor

Just like a car, a server also needs to be well-maintained to gain maximum performance. Regular maintenance will decrease the chance of major failure and downtime. A NOS should be able to provide features that allow automation of regular maintenance. Regular maintenance includes

backing up data

patching or updating the operating system

defragging hard disks.

Recovery is the process of returning the server to operation after a problem. It could be a hardware problem, a new virus, or the system could have halted due to a buggy application. It doesn’t matter what the cause of the problem is. What DOES matter is how quickly the server can be restored. Modern NOS provide a variety of recovery options from redundant hardware to automated system recovery. Each operating system will support many of the following recovery and repair features:

automated backup

automated recovery

system state recovery

automatic diagnosis of failures

self-healing.

Activity 1

To practise identifying network operating system features, complete Activity 1 – Identify network operating system features, located in the Activities section of the Topic menu.

Selecting an operating system

There are many questions that need to be answered before selecting an operating system. Many of the principles discussed in selecting an application can be applied to an operating system. Areas that are going to influence the choice of operating system are

business, client and technical requirements

IT environment

costs

vendor reputation and support.

Requirements

One major factor in choosing an operating system will be the compatibility with the chosen application. Many applications are cross-platform compatible, which means that there are different versions available for different operating systems. Other applications may specify one operating system only, as the application may utilise specific operating system features to enhance application functionality.

A requirements document should be created outlining business, technical and client requirements. Use this document to create a list of selection criteria to help in selecting the appropriate operating system.

IT Environment

The IT environment is the current makeup of hardware, software and network resources. Analysing the current environment can determine if the organisation is using a single operating system platform throughout the organisation or is using multiple operating systems on multiple hardware platforms. What is currently being used will impact which operating system to use now and in the future.

There is a greater risk and increased costs involved when deploying an operating system that is not part of the current IT system. It is more costly because systems integration will need far more testing and there will be a greater and more widespread need for training. Whichever operating system is chosen, it must be compatible with what is currently being used.

Cost

Cost is a major factor that influences the purchase of an operating system. The total cost of ownership (TCO) is a good indicator of the overall cost of deploying an operating system over its lifetime. TCO includes things such as

the initial outlay to purchase and deploy the operating system

hardware purchase and deployment

support and maintenance

training.

Free operating systems or applications are very rarely without costs in a business environment. All aspects of the TCO model need to be examined closely when deciding on the operating system that is right for your particular situation. Go to http://www-1.ibm.com/linux/whitepapers/robertFrancesGroupLinuxTCOAnalysis05.pdf and read the article “TCO for Application Servers: Comparing Linux with Windows and Solaris.”

Vendor reputation and support

Vendor reputation is very much a subjective area, and how one person regards one vendor might be totally opposite to another’s view. What is important is that the vendor has a documented history of providing support and will be around for the long-term. The last thing you want is to implement an NOS that cannot be supported because the vendor has gone out of business.

Common enterprise operating systems

Linux distributions

Linux is an operating system that is available for free. It is arguably the most recognised free software and open source project. Unlike proprietary and commercial operating systems, the Linux kernel source code is accessible and modifiable by everyone. The Linux kernel forms an integral part of the GNU/Linux operating system - commonly known as a Linux distribution. There are many different Linux distributions available today for just about any market segment. A Linux distribution is a collection of the following:

Linux kernel

GNU libraries and tools

command-line shells

graphical X Window System

desktop environments like KDE or GNOME

software packages.

There are more than 400 different Linux distributions, or “distros”, available. For information about a Linux distribution, go to http://distrowatch.com/ and do a search on the distribution name.

Microsoft Windows

Microsoft Windows 2003 server is a good option for an organisation that is running applications in a Windows environment. Windows 2003 server is the latest offering of Microsoft’s server-based operating systems. Many different versions of Microsoft Windows 2003 Server are available, and each version is targeted at different market segments. The most notable features of Windows 2003 server are

Internet Information Services (IIS) web server

Distributed file system

File replication services

Active directory

Terminal services.

For a complete overview of the Microsoft Windows operating system, go to the Microsoft Windows 2003 website at http://www.microsoft.com/windowsserver2003/default.mspx

Apple Mac OS server

Apple Mac OS X server is the server version of Apple’s Mac OS X desktop operating system. The server version of OS X has extra features that are not part of the desktop version, like web service, mail hosting and site hosting, and file and print services for Mac, Linux and Windows users. Mac OS X has a UNIX-like foundation – Darwin – which is a free, open source operating system, and the Mach microkernel. Apple has included some of the best open source applications in Mac OS X, like Apache, Samba and Postfix, but has configured the applications to use a common management interface. For more detail on the Apple Mac server go to http://www.apple.com/server/macosx/

Sun Solaris OS

The Sun Solaris Operating System is part of the suite of applications known as the Sun Solaris Enterprise System. The Sun Solaris Enterprise System includes Solaris 10, Sun Java Enterprise System, Sun Java Studio Enterprise, Sun Studio and other server management software. Solaris is based on a proprietary form of UNIX. In 2005 Sun released a subset of the Solaris code to the open source community for use in OpenSolaris. OpenSolaris is not exactly the same as Sun’s proprietary Solaris OS; there may be code differences, but future releases of Sun Solaris OS will be built from the OpenSolaris source code. For more information on the standard Sun Solaris operating system, go to http://www.sun.com/software/solaris/index.jsp or http://www.sun.com/software/solaris/trustedsolaris/index.xml for the Trusted Solaris Operating System.

IBM z/OS

z/OS is IBM’s flagship 64-bit operating system that is suitable for mission-critical OLTP and batch processing. z/OS is a secure and open operating environment that conforms to international software standards and is used in one form or another in all Fortune 1000 companies worldwide, as well as in major international and local government departments. z/OS’ support for a virtualised environment allows for true on-demand computing. For more information on the functionality of z/OS, go to http://www-03.ibm.com/servers/.

HP-UX, OpenVMS

OpenVMS (Open Virtual Memory System), or VMS, is an operating system invented by Digital Equipment Corporation (DEC) to run on their VAX and Alpha family of computers. HP now owns DEC and has ported the operating system to work on Intel Itanium processors. The OpenVMS operating system implements fault tolerance through clustering. OpenVMS originated many of today’s standard operating system features, such as:

built-in networking through DECnet (later TCP/IP)

distributed file system

support for multiple computer programming languages

clustering.

For a more in-depth look at OpenVMS, visit the OpenVMS website at http://h71000.www7.hp.com/.

HP-UX is Hewlett-Packard’s proprietary version of UNIX. HP-UX runs on HP’s PA-RISC, Apollo/Domain and Itanium servers. For more information on HP-UX, visit the HP website at http://www.hp.com/.

Novell NetWare

Novell NetWare is a network operating system initially used in cooperative multitasking to run various services on a PC. NetWare made IPX/SPX popular in the late 1980s and early 1990s. Today, NetWare supports TCP/IP as well as IPX/SPX. Novell has moved its NetWare product to the Linux kernel and has multiple Linux products available. For more information, visit the Novell website at http://www.novell.com/.

SCO group

The SCO Group’s main product is OpenServer. OpenServer is a UNIX operating system that is very stable, reliable and secure. SCO OpenServer uses open source software like Apache to provide greater application support. For more information on SCO OpenServer and other SCO operating systems, go to http://www.sco.com/.

Activity 2

To practise creating a technical requirements brief, complete Activity 2 – Technical requirements brief, located in the Activities section of the Topic menu.

Activity 3

To practise selecting a network operating system, complete Activity 3 – Select network operating system, located in the Activities section of the Topic menu.

Activities

Activity 1 – Identify network operating system features

Complete the matching activity by matching requirements to operating system features (3 KB mat_2765_activity01.htm).

Activity 2 – Technical requirements brief

Create a technical requirements brief for one of the following operating systems:

Microsoft Windows Vista

Red Hat Enterprise Linux AS

Sun Solaris 10

HP-UX 11i

Apple Mac OS X server

Share the results with your classmates.

Feedback

The contents of the brief will be different for each operating system, although Microsoft Vista, Red Hat Linux and Sun Solaris can all use the x86 platform. HP-UX and Apple Mac require the use of vendor hardware.

Activity 3 – Select network operating system

BlancoBar is an international car parts manufacturer specialising in electrical and mechanical components. They have representatives in 20 countries and employ 17,000 people worldwide. They have a very large and complex information technology system built around a global SAP implementation running on HP-UX. They are not happy with the performance of the 1.7TB Informix database backend and are considering upgrading to IBM DB2 or Oracle database. BlancoBar are pleased with the current environment of SAP with HP-UX.

Which operating system would you recommend BlancoBar implement? Why?

Feedback

BlancoBar should keep using the HP-UX environment as they are currently happy with the performance and stability of the operating system. Changing the operating environment would be a major project for such a large organisation, costing millions of dollars.

References

You can use this section to help in your search for information from a number of sources. This may include exploring a particular website, searching for websites with specific information, looking at publications or researching IT products, companies or industry organisations.

Internet

http://www.microsoft.com/servers/default.mspx (Microsoft website, featuring server-related news, downloads and web links)

http://www.sco.com/ (for more information on SCO OpenServer and other SCO operating systems)

http://www.novell.com/ (for information on Novell NetWare)

http://www.hp.com/ (for more information on HP-UX)

http://h71000.www7.hp.com/ (for more information on OpenVMS)

http://www-03.ibm.com/servers/ (for more information on the functionality of z/OS)

http://www.sun.com/software/solaris/index.jsp (for more information on the standard Sun Solaris operating system)

http://www.sun.com/software/solaris/trustedsolaris/index.xml (for information on the Trusted Solaris Operating System)

http://www.apple.com/server/macosx/ (for more detail on the Apple Mac server)

http://www.microsoft.com/windowsserver2003/default.mspx (for a complete overview of the Microsoft Windows operating system)

http://distrowatch.com/ (For information about a Linux distribution; do a search on the distribution name.)

Topic Quiz

This quiz will help you review the content you have learned in this topic.

Answer the questions, check the feedback at the end of each question and take note of the areas you need to review.

1. Fill in the missing word:

A network operating system is the software that connects all devices on a network.

Feedback

Correct! A network operating system is the software that connects all devices on a network.

Incorrect! Go to the Reading notes and review the section on What is a network operating system.

2. Which operating features are needed to implement a defence-in-depth model?

firewalls

encryption

authentication

all of the above

Feedback

Correct! The operating features that are needed to implement a defence-in-depth model include firewalls, encryption, and authentication.

Almost! Go to the Reading notes and review the section on Security.

3. Answer True or False:

A DMZ is part of the internal network or part of the Internet.

Feedback

Correct! This statement is False! A DMZ is NOT part of the internal network or part of the Internet.

Incorrect. Go to the Reading notes and review the section on Firewalls.

4. Fill in the missing word:

Once data has been encrypted it is known as ciphertext.

Feedback

Correct! Once data has been encrypted it is known as ciphertext.

Incorrect. Go to the Reading notes and review the section on Encryption.

5. When data is being written, it is being

encrypted

decrypted

Feedback

Correct! When data is being written, it is being encrypted.

Incorrect. Go to the Reading notes and review the section on Encryption.

6. Answer True or False:

SSL utilises public key encryption technology to ensure safe transmission of data.

Feedback

Correct! This statement is True! SSL utilises public key encryption technology to ensure safe transmission of data.

Incorrect. This statement is not false – it’s True! Go to the Reading notes and review the section on Encryption.
