Manuals / Apple / Marine Equipment / Life Jacket

Apple 10.3 manual Firewall, Nat

Models: 10.3

1 139

Download 139 pages 52.71 Kb

Page 41

Mac OS X Server provides administration tools for service configuration management and zone control as well as for monitoring, providing a graphical way to:

•Enable zone transfers and recursion

•Specify interfaces on which to listen for DNS requests

•Maintain blocked host lists

•Work with log files

•Manage zones and their records

Firewall

Firewall service protects your server and the content you store on it from intruders. It provides a software firewall, scanning incoming IP packets and accepting or rejecting them based on filters you define.

You can set up server-wide restrictions for packets from specific IP addresses. You can also restrict access to individual services—such as web, mail, and FTP—by defining filters for the ports used by the services. IP firewall can be used to block access to specific service ports or to allow access only to certain ports.

IP firewall also provides a sophisticated mechanism—stateful packet inspection—for determining whether an incoming packet is a legitimate response to an outgoing request or part of an ongoing session, allowing packets that would otherwise be denied.

NAT

Network Address Translation (NAT) is a method of connecting multiple computers to the Internet (or any other IP network) using one IP address. NAT converts the IP addresses you assign to computers on your private, internal network into one legitimate IP address for Internet communications. For example, the AirPort Base Station uses NAT. By default, a base station assigns IP addresses using DHCP to computers on an Ethernet network, and then uses NAT to convert those addresses when any of the computers needs to access the Internet.

NAT is becoming increasingly popular because it preserves IP addresses. It also increases the security of Internet access, because it supports only connections that originate on an internal network.

Mac OS X Server’s Server Admin application helps you administer NAT. You can also use the command-line tool ipfw or the Firewall service to configure the NAT translations specific to your network.

Chapter 2 Inside Mac OS X Server

41

Image 41

Apple 10.3 manual Firewall, Nat

Contents

Mac OS X Server Getting Started Apple Computer, Inc Apple Computer, Inc. All rights reserved Contents Using the Administration Tools Server AdministrationComputers You Can Use to Administer a Server Setting Up an Administrator ComputerInstalling Server Software Installation and Setup OverviewLocal Installation From the Server Install Discs Remote Installation From the Server Install DiscsAppendix B Appendix aGlossary Index Page Superior Performance and Scalability What’s New in VersionImproved Setup, Management, and Monitoring Enhanced Network and Directory Services Improved Windows Integration Part II Installation and Initial Setup New Workgroup and Desktop Management FeaturesWhat’s Included in This Guide Part I Introduction to Mac OS X ServerThis guide Tells you how to Getting Additional InformationPreface About This Guide Page Part I Introduction to Mac OS X Server Page Mac OS X Server addresses the needs of many environments 1Mac OS X Server in ActionWorkgroup servers Enterprise OrganizationsHigher-Education Facilities Labs and Classrooms Directory server VPN Small and Medium BusinessesApplications Computational ClusteringCreative Businesses Web Service Providers Mac OS X Server in Action 2Inside Mac OS X Server Core System ServicesOpen Directory Using Apple DirectoriesSearch Policies Using Other DirectoriesAuthentication User Management Discovery of Network ServicesSingle Signon User AccountsHome Directories Group AccountsMacintosh User Management Preference ManagementNetBoot System Image ServicesWindows User Management Mobile AccountsNetwork Install File ServicesSharing Apple File ServiceWindows Services File Transfer Protocol FTP Network File System NFS ServiceWeb Service Print ServiceMail Service Dhcp Network ServicesNAT FirewallIP Failover Media Streaming and BroadcastingApache Tomcat Application Server SupportWebObjects Integrating Into Existing EnvironmentsJBoss High Availability Server AdministrationPage Using the Administration Tools 3Server AdministrationComputers You Can Use to Administer a Server Using a Non-Mac OS X Computer for Administration Setting Up an Administrator ComputerServer Assistant InstallerDirectory Access Workgroup Manager Opening and Authenticating in Workgroup ManagerUsing Workgroup Manager Server Administration Server Administration Using Server Admin Server AdminOpening and Authenticating in Server Admin Server Administration Server Administration Server Monitor System Image ManagementApple Remote Desktop Media Streaming ManagementWorking With Version 10.2 Servers From Version 10.3 Servers Command-Line ToolsMacintosh Manager Part II Installation and Initial Setup Page Planning 4Installation and Setup OverviewLocal Installation From the Server Install Discs Installing Server SoftwareRemote Installation From the Server Install Discs Automating Server Installation With a Disk Image Setting Up Servers Interactively Initial Server SetupWelcome Using Setup Data Stored in a File Automating Server SetupThen plug the iPod into the next server Using Setup Data Stored in a DirectoryUsing Encryption Keeping Current Setting Up Services5Before You Begin Set Up a Planning TeamDetermine Services to Host on Each Server Identify the Servers You’ll Need to Set UpDefine a Migration Strategy Define Physical Infrastructure Requirements Define an Integration StrategyDefine Server Setup Infrastructure Requirements Collect and Organize Information Determine the Installation and Setup Strategy to UseMake Sure Required Server Hardware Is Available 6Installing Server Software Upgrading From Version 10.1 or Information You NeedPreparing Disks for Installing Mac OS X Server To install server software locally Identifying Remote Servers When Installing Mac OS X ServerUsing Installer to Install Locally From the Install Discs To install to a remote server using the install discs Installing Server Software To use installer to install server software Automating Server Software Installation With a Disk ImageTo install server software on your computer Volumes/Mount Volumes/Mount1 Volumes/Mount02 Ssh root@ip address Installing Optional Server Software 7Initial Server Setup Using Setup Data Saved in a File Saving Setup DataHow a Server Searches for Saved Setup Data Initial Server Setup Using Setup Data Saved in a Directory Specifying Initial Open Directory Usage Keeping Backup Copies of Saved Setup DataSetting Up a Server as a Standalone Server Not Changing Directory Usage When UpgradingSetting Up a Server to Connect to a Directory System Setting Up a Server to Host an Open Directory MasterTo set up a local server interactively Using Interactive Server SetupSetting Up a Local Server Interactively To set up a remote server interactively Postponing Local Server Setups Following InstallationSetting Up a Remote Server Interactively To set up multiple remote servers interactively in a batch Setting Up Multiple Remote Servers Interactively in a BatchInitial Server Setup Using Automatic Server Setup To save and apply setup data in a file Setting Up Servers Automatically Using Data Saved in a File102 To save and apply setup data in a directory record 104 105 Setting Up Open Directory Determining the Status of SetupsSetting Up File Services Setting Up User ManagementTo set up a user account To set up file sharingSetting Up Web Service Setting Up Print ServiceTo set up a shared printer queue To turn on web service if it’s not runningSetting Up Network Services Setting Up Mail ServiceSetting Up System Image Services Setting Up Media Streaming and BroadcastingTo turn on JBoss if it’s not running Setting Up an Application ServerAppendix Mac OS X Server WorksheetDisk format Computer name 114 Time zone Network interface data for this server is in the table below Appendix a Mac OS X Server Worksheet 118 Mac OS X Server in a Small Business BSetup ExampleSet up the server and the master directory How to Set Up the ServerSet up the network 121 Set up DNS service Set up the firewallSet up Dhcp service Set up VPN service Set up NAT serviceCreate user accounts and home directories Set up productivity servicesConfigure client computers Glossary GlossaryDirectory node See directory domain 129 Long name See user name Name server See DNS Domain Name System Realm See WebDAV realm Search path See search policy 133 134 135 Page Index 138 139