Network Operating Systems


Published in: Technology

  1. Network Operating Systems, CP3397 Design of Networks and Security
  2. Objectives
     • A general revision of Network Operating Systems
     • By the end of the session you should understand
       • The different forms of Transparency
       • An overview of Directory Services
       • Main Security Issues
       • NOS Functionality
       • How to choose a NOS
  3. Network Operating Systems (NOS)
     • The objective is to create a “single system image” illusion
       • Single system image creates an illusion in the minds of users that all the servers on the network are part of the same system or behave like a single computer
       • Andrew Tanenbaum, Modern Operating Systems, 1992
       • The network is the computer
         • Sun Microsystems advertising slogan
  4. What is a NOS?
     • It is software
       • What do we need it to do?
     • Involves Client/Server architecture
     • It encompasses
       • workstations sharing a file system
       • workstations sharing network resources
       • completely distributed computing environments
       • the concept of transparency
  5. Transparency
     • Giving the impression that the network system is seamless
       • remote resources appear local
       • hiding network complexity
     • There are many different aspects to transparency
  6. Types of Transparency (1)
     • Location transparency
       • The user should not be aware of the location of the resource on the system
         • resources have names, not machine pathways
     • Namespace transparency
       • ability to use the same naming conventions to locate any resource on the network
         • any vendor, any product
         • the network system as “one big tree”
  7. Types of Transparency (2)
     • Containment transparency
       • resources can be moved without requiring changes on clients
         • e.g. moving a file from one subdirectory to another on the server
     • Logon transparency
       • single authentication per user on all servers for all services
  8. Types of Transparency (3)
     • Replication transparency
       • Users should not be aware of how many copies of a resource exist
         • e.g., if a database is replicated, the NOS should take care of synchronisation, locking, updates, etc.
     • Distributed access transparency
       • remote resources should appear to be on the local machine
  9. Types of Transparency (4)
     • Distributed time transparency
       • Users should not see any time differences across servers (e.g. file time-stamping). The NOS must synchronise clocks across the system
     • Failure transparency
       • The user should be shielded from network failures. The NOS should handle retries and reconnects and provide service redundancy
  10. Types of Transparency (5)
      • Administration transparency
        • There should only be one system management interface
      • The challenge for a NOS
        • How to provide the highest level of all aspects of transparency without compromising the autonomy of the local OS
          • logical conclusion: don’t have a local OS
  11. NOSs and Local OSs
      • Is a NOS
        • An add-on to the local OS?
        • A new type of distributed OS that will replace the local OS?
        • A middleware “glue” that links the local OS (client) to the server OS (server)?
      • It can be any of the above and is often a bit of each
  12. Multitasking/Multiprocessing
      • Multitasking
        • The ability to perform tasks simultaneously
        • Pre-emptive multitasking
          • Manage tasks in a way that gives them equal access to the processor
      • Multiprocessing
        • The ability to add CPU(s) to your system
  13. NOS Evolution
      • Netware 2.x and MS LAN Manager
        • mainly provided shared file and printer access
        • LAN Manager added Named Pipes to enable inter-process communication
          • processes could exchange data
      • Windows NT bundles the NOS and OS
      • Netware keeps NOS and OS separate
  14. Directory Services
      • Networks are volatile
        • users come and go, services are added and moved, data is created and moved
      • Something must keep track of everything
      • NOSs do it using Directory Services
      • Directory Services need to be distributed
        • a single image available to all applications
  15. X.500
      • ISO standard for Directory Services
      • An X.500 object describes an entity in the real world
        • e.g. person, device or application
      • X.500 is a standard for providing an integrated local and global White Pages service. It was developed by
        • the ITU (International Telecommunication Union)
        • the ISO (International Standards Organisation)
  16. X.500’s Two Main Protocols
      • DAP - Directory Access Protocol
        • specifies how user applications access the directory information
      • DSP - Directory Service Protocol
        • specifies how user directory requests are conveyed between Directory Servers when the request cannot be satisfied by the local Directory Server
  17. X.500 Directory Services
      [Diagram labels: Client, Network Application, Directory User Agent; two Servers, each with a Directory System Agent; links labelled DAP and DSP]
      • DAP = Directory Access Protocol
      • DSP = Directory Service Protocol
  18. X.500 Pros and Cons
      • X.500 offers the following features:
        • Open non-proprietary standard
        • Decentralized maintenance
        • Powerful searching capabilities
        • Single global namespace
        • Structured information framework
        • Standards-based Directory Services for email, automated resource locators, directory tools, etc.
      • On the negative side:
        • X.500 directories are large, complex programs running over the top layers of the OSI stack
        • They require a lot of computer power to run and engineering know-how to set up
  19. Security in a NOS
      • NOS Client/Server environments increase security requirements
      • Authentication
        • Encrypted passwords
      • Authorisation
        • Access Control Lists
      • Audit Trails
        • logons, attempted logons, programs and files used
  20. DCE
      • Distributed Computing Environment
      • The most comprehensive NOS solution for heterogeneous systems
        • de facto standard for multi-vendor systems
      • Allows a client to interoperate with multiple server processes
        • even if they are on different base OSs
      • Integrated approach to security, naming and inter-process communication
  21. DCE Framework
      • An integrated set of component services
      [Diagram labels: Applications, OS Transport Services, Threads Service, Diskless Support, Distributed File Service, Distributed Time, Directory Service, Future Basic Services, Remote Procedure Call, Security Management, Future Services]
  22. Comparing NOSs
      • Difficult, since all NOSs provide similar services
      • Requires a “model” of NOS functionality
      • Categories of functionality must then be “weighted” to reflect specific needs
        • e.g., scalability may not be important, but support for a wide range of network media may be vital
  23. NOS Functionality (1)
      • Architecture
        • e.g., multiprocessor? Multiple multiprocessors?
      • Scalability
        • e.g., from small to large: max. memory, addressable filespace, number of concurrent clients
      • Availability/Reliability
        • stability, fault tolerance
      • Client support
        • DOS, Windows (98, NT), Mac, Unix, etc.
      • Network Printing
        • e.g. multiple printers, remote management
  24. NOS Functionality (2)
      • Network Media
        • support for multiple media: Ethernet, token ring, ISDN, remote access, wireless
      • Middleware
        • support for distributed services (e.g. X.500, DCE)
      • Network Protocols
        • TCP/IP, NetBIOS, NetBEUI, IPX/SPX, etc.
      • Network Services
        • e.g., directories, time services, DMTF
      • Server Management
        • tools, audit trails, file management, user account management
  25. NOS Functionality (3)
      • Security
        • standard compliance (e.g., B2, C2), access control lists, encryption
      • Application Development Tools
        • what tools are available? 3GL, 4GL?
      • Database Support
        • what software is available? Support for CORBA etc.
      • Applications
        • What user applications are available?
  26. Windows NT4 Server
      • Advantages
        • Relatively easy to install and configure
        • Has a graphical interface
        • Is very scalable
        • Wide availability of applications
      • Disadvantages
        • Changes to installation or configuration require a server restart
        • Not as reliable as other NOSs
        • Not compatible with all hardware
  27. Novell Netware 5
      • Advantages
        • A very stable NOS
        • All network resources can be managed centrally through its Directory Services
        • Ability to manage NT and Unix servers
        • Includes a Java-based utility
      • Disadvantages
        • Administering Netware from the server requires commands to be learned
        • NDS can be difficult to implement in large networks
        • Is not as widely used as NT or Unix
  28. Unix
      • Advantages
        • A very stable NOS
        • Can function as a workstation or a server
        • Is very fast
        • Includes many built-in tools and utilities
      • Disadvantages
        • It is complicated and administration requires the learning of many commands
        • Application software can be very expensive
        • There are still issues with standardisation
  29. Linux
      • Advantages
        • Easier to install than UNIX
        • Fast and reliable
        • It is free, with many free applications
        • The source code is available
      • Disadvantages
        • There are many commands to learn
        • It is easier than UNIX but still requires an administrator with UNIX knowledge
        • Is still not considered a sensible replacement for many UNIX applications
  30. Mac OS X Server
      • Advantages
        • Offers very good security
          • AppleShare does not include security for the server
        • Includes the Apache Web Server
        • Supports centralised management of Macintosh computers
      • Disadvantages
        • It is relatively new
        • It does not include e-mail or print services
        • It does not support Windows clients or existing Mac applications
  31. Further Reading
      • whitepapers/nosc/nosc.html
      • Ciccarelli, P., Faulkner, C. (1999) “CCNA JumpStart”, Sybex, San Francisco, ISBN 0-7821-2592-1
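
The three controls listed on slide 19 (authentication, authorisation, audit trails) working together, as an added example that is not part of the original slides: a toy file server checks a password, consults an access control list, and records every logon, attempted logon and file access in an audit trail that is then searched for repeated failed logons. The `Server` class, the account, the file path and the threshold are constructed for illustration, and salted PBKDF2 hashing is an assumption standing in for the slide's "encrypted passwords".

```python
import hashlib, hmac, os

def _hash(password, salt):
    # Salted PBKDF2 stands in for the slide's "encrypted passwords" (assumption).
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Server:
    """Hypothetical NOS file server: authentication, ACL authorisation, audit trail."""
    def __init__(self):
        self.users = {}        # user -> (salt, password hash)
        self.acl = {}          # resource -> {user: {permissions}}
        self.sessions = set()  # users with a successful logon
        self.audit = []        # (event, user, detail), append-only

    def add_user(self, user, password):
        salt = os.urandom(16)
        self.users[user] = (salt, _hash(password, salt))

    def logon(self, user, password):
        # Unknown users still cost one hash, so timing does not reveal them.
        salt, stored = self.users.get(user, (b"\0" * 16, b""))
        ok = hmac.compare_digest(_hash(password, salt), stored)
        self.audit.append(("logon" if ok else "logon_failed", user, ""))
        if ok:
            self.sessions.add(user)
        return ok

    def access(self, user, resource, perm):
        # Default deny: no session or no ACL entry means no access.
        granted = self.acl.get(resource, {}).get(user, set())
        ok = user in self.sessions and perm in granted
        self.audit.append(("access" if ok else "access_denied", user, f"{perm} {resource}"))
        return ok

def failed_logons(trail, threshold):
    """Return {user: count} for users with at least `threshold` failed logons."""
    counts = {}
    for event, user, _ in trail:
        if event == "logon_failed":
            counts[user] = counts.get(user, 0) + 1
    return {u: n for u, n in counts.items() if n >= threshold}

def demo():
    s = Server()
    s.add_user("alice", "correct horse")                  # constructed account
    s.acl["/shared/payroll.xls"] = {"alice": {"read"}}    # constructed ACL entry
    for guess in ("123456", "password", "letmein"):       # constructed wrong passwords
        s.logon("alice", guess)
    s.logon("alice", "correct horse")
    s.access("alice", "/shared/payroll.xls", "read")
    s.access("alice", "/shared/payroll.xls", "write")
    return s
```

Calling `failed_logons(demo().audit, 3)` reports the account with three attempted logons; the denied write is in the same trail as an `access_denied` event.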