MDS INSTALLATION AND CONFIGURATION

More documents

Recommendations

Info

3 42 MDS INSTALLATION AND CONFIGURATION Choosing the Type of MDS CHOOSING THE TYPE OF MDS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . The Multi Domain Server (MDS) contains separate file structures for each CMA. Customer specific information is kept separated in independent CMA databases to offer greater security and data integrity. Each CMA’s rules, objects, and users reside in the CMA database and are not shared. The following directories remain private and separated by CMA: • conf database state The MDS shares the VPN-1/FireWall-1 management functions. In this way, the CMA data is separated, but shares the same soft linked Management Server functions such as binary executables and INSPECT files. Every Provider-1 configuration must include an MDS Manager. The GUI connects to the MDS Manager to access the CMAs. Additional MDS machines can be added to the configuration as needed. There are two different types of Multi Domain Servers: MDS Container MDS Manager The MDS Container can maintain up to 500 separate CMAs and perform Security Policy management functions. The MDS Manager can perform tasks such as file synchronization for backup capabilities and acts as the Certificate Authority for the Provider-1 system at the NOC. The scalable architecture of Provider-1 allows MSPs to accommodate a growing customer base. In every scenario, both an MDS Manager and MDS Container are necessary. These two components can be on the same machine.
MDS INSTALLATION AND CONFIGURATION Choosing the Type of MDS . . . . . Multi Domain Server - Manager The MDS Manager is the central point of entry for the CMAs. The MDG can only access the MDS Manager. The Manager is a Certificate Authority for the Provider-1 NG configuration and, if multiple MDS Managers exist, establishes High Availability between them. High Availability (HA) is possible even if the additional Manager machine is located at a remote location. No CMAs are loaded on the MDS Manager. Only the MDS Container can maintain the CMAs. If the MDS Manager is installed as the only MDS in the configuration, both the Manager and Container functions can be installed and run on one machine. Multi Domain Server - Container The less-expensive MDS Container maintains the customer CMAs. Capable of maintaining up to 500 CMAs, the Container machine is an alternative for Administrators who want to increase their Provider-1 capabilities without dramatically increasing cost. The Container machine cannot function as a Certificate Authority for Provider-1 components or establish High Availability for CMAs. The Container machine can be used as an additional MDS to increase customer capacity and for backup capabilities. Multi Domain Server as Multi Domain Log Module The MDS can also be licensed to function as a Multi Domain Log Module (MLM). The MLM separates the logs of each CMA into different databases. The MLM is configured with a CLM for each Customer CMA. Unlike the CMAs loaded on an MDS, CLMs configured on the MLM do not require a separate license. No more than 200 CLMs can be loaded on one MDS MLM. 43
Page 1: MDS INSTALLATION AND CONFIGURATION
Page 5 and 6: MDS INSTALLATION AND CONFIGURATION
Page 7 and 8: Lab 1: Installing and Configuring t
Page 21 and 22: CMA Management . . . . . CMA MANAGE
Page 23 and 24: — cplic printlic MDS and CMA Comm
Page 25 and 26: Summary Review Questions Review . .

MDS INSTALLATION AND CONFIGURATION

Create successful ePaper yourself

Delete template?

Save as template?