IT Baseline Protection Manual - The Information Warfare Site

Safeguard Catalogue - Organisation Remarks
____________________________________________________________________ .........................................
S 2.153 Documentation of Novell Netware 4.x
networks
Initiation responsibility: Head of IT Section, IT Security Management
Implementation responsibility: Administrators
One measure which is important for ensuring reliable operation but often
neglected due to a lack of time or personnel, is documentation of the essential
information pertaining to a Novell Netware 4.x network. As a change in
responsibilities or a shortage of personnel can occur at any time, it is
absolutely necessary to record all relevant information concerning every
Netware server and supply this information in clearly arranged documents.
This facilitates training and orientation if a replacement becomes necessary,
and shortens downtimes in case of a failure.
This documentation should provide the following information (together with
all the required parameters) in a form which is transparent and can easily be
updated:
NDS
Particular attention must be directed to the documentation of the NDS,
because instead of being located on a single, central server, it might be
distributed among several partitions and stored on different Netware servers -
particularly in the case of Netware networks with many WAN links. In
individual cases, this can mean, for example, that a server with a read/write
replication needs to be converted to a master replication partition, if a
hardware failure entails a new installation of the current master partition.
However, this problem can be avoided using suitable security mechanisms.
This example alone demonstrates the potential complexity of an extensively
branched NDS tree, and the accompanying need for appropriate
documentation, which should certainly contain the structure of the NDS, as
well as information on the allocated NDS and file rights.
Time synchronisation
As NDS and time synchronisation are closely related topics, it is advisable to
link them together in the documentation too. This is because all relevant
pieces of information exchanged via a Netware 4.x network carry time stamps.
To allow proper time synchronisation in a Novell Netware 4.x network and
ensure that the time-related information yields the desired results on every
server, a clear specification is required as to which server should act as the
clock-signal source and which time model should be used. For this reason, a
correct representation of the time synchronisation and the related NDS
services is indispensable in order to allow the right steps to be taken in the
event of an error.
The table below provides an example of this type of documentation.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000