directory servers purposes (from chapter 6) –help users find information –centralize security...
TRANSCRIPT
Directory Servers
• Purposes (From Chapter 6)– Help users find information– Centralize security (single login, etc.)
Directory Servers• Information is Organized Hierarchically
– Hierarchy of objects– X.500 Standard defines types of objects– Also defines object properties
Organization (O) = xxx
Organizational Unit (OU) = yyy
Employee (E) = zzzCommon Name=Pat Lee
E-Mail=Lee…
Directory Servers
• LDAP– Lightweight Directory Access Protocol– Most popular directory access protocol– Governs user interaction with directory server
DirectoryServer
LDAP
Directory Servers• Directory Server Markup Language
(DSML)– Standardized way for application servers to
interact with directory servers– Application server may collect data from
multiple directory servers, present integrated results to browser user
DirectoryServerApplication
Server
DSML
Directory Server Products
• Directory Server Products– Novell Directory Services (NDS)
• From Novell
• Book incorrectly calls it NetWare Directory Services
• Mature, widely used
– Active Directory• From Microsoft
• New
Converging Boxes• Today, Many Types of Devices• Forwarding
– Hubs, Switches, Routers
• Security– Firewalls, etc.
• In future, single Comprehensive Relay Devices will combine forwarding and security
CRD
Converging Boxes
• Multi-Layer Packet Analysis
– Comprehensive relay devices will analyze headers and data fields at all layers
– For intelligent forwarding, like Layer 4 switches
– For intelligent security, like firewalls
– This will reduce costs compared to having separate devices
Converging Boxes
• Processing Concerns
– Multi-layer forwarding will be processing intensive
– So will be multi-layer security
– Processors must grow in power to keep up with increasing demand plus multi-layer processing and security
Policy Based Networking
• Policy Servers will Store Policies and Related Data– Will control individual forwarding, security,
and comprehensive relay devices– Uniformity in policy implementation
CRD
CRDPolicy
Policy
Policy Server
Policy Based Networking
• COPS– Common Open Policy Service– Standardized way for policy servers to talk with
devices for which they set policy
CRD
CRDCOPS
COPS
Policy Server