Novell Nterprise Branch Office: Remote Office Management Made Easy
Articles and Tips: article
Senior Research Engineer
Novell, Inc.
kburnett@novell.com
Nancy Cadjan
Technical Writer
Novell, Inc.
ncadjan@novell.com
Special thanks to Kelli Frame and Cindy Sanders of Novell for their assistance with this AppNote.
11 Jan 2002
This AppNote introduces Novell Nterprise Branch Office, an appliance-based solution for managing remote offices from a central location. The Branch Office software combines with your hardware to create a Branch Office appliance that simplifies management of remote servers and printers, eliminates the need for backups at the remote office, and provides easier access to branch office users.
- Introduction
- What is Novell Nterprise Branch Office?
- Key Features of Novell Nterprise Branch Office
- Requirements for Running Branch Office
- Setting Up the Appliance via the Wizard
- Conclusion
|
Topics |
branch office management, remote office management, network appliances, network management |
|
Products |
Novell Nterprise Branch Office |
|
Audience |
network administrators, installers, designers |
|
Level |
beginning |
|
Prerequisite Skills |
familiarity with remote office management concepts |
|
Operating System |
NetWare 5.x, 6.x |
|
Tools |
none |
|
Sample Code |
no |
Introduction
Today's corporate enterprises often maintain offices across the country and across the world. Corporations have both large and small offices that require essential services like network authentication, application access, printing, and data storage and backup. Employees who work in the larger offices with dedicated support staff typically have very good networking experiences. But employees in small branch offices without local support professionals can have a very disappointing experience because installing and maintaining the servers and infrastructure to support branch offices is a costly proposition that cash-conscious companies don't want to invest in.
Consolidating services into a few key data centers can alleviate much of this problem, but it is not as easy as it sounds. Consolidation makes essential network resources less accessible to those working at the branch office. You want a solution that gives you an affordable, highly manageable way to meet networking needs at the outer reaches of your network. You want something that reduces your costs by simply making management easier.
In distributed enterprises, the only way to effectively manage the large number of network users and server appliances is through a directory. Spanning a wide area network (WAN) with a directory can create overhead issues related to synchronizing and managing directory data across the network.
Novell has created a solution for these branch office challenges. It's called Novell Nterprise Branch Office, a network appliance which takes advantage of Novell eDirectory to centralize the management of users and servers at the outreaches of your network. As a result, you will enjoy greater control, simplicity, cost savings, and improved network performance.
What is Novell Nterprise Branch Office?
Novell Nterprise Branch Office (referred to as simply "Branch Office" for the remainder of this AppNote) is an appliance that is targeted at corporations who have satellite offices with users who require the same level of service as exists at the corporate office. That is, they need to be able to authenticate securely to network services, access their files, print, and be protected from losing data in the event of a mishap. Branch Office significantly simplifies the complex task of maintaining network services at geographically distributed offices.
A Branch Office installation consists of two parts: the branch office server, and one or more servers at the corporate site to support authentication and backup (we'll call these "Central Office" servers). Granted, Branch Office servers can be run in standalone mode in the branch office, but this configuration will not offer all the advantages of having a Central Office server at the corporate site.
Branch Office also includes powerful authentication for secure communication between the Branch Office appliance and the Central Office server(s). This authentication provides a consistent level of security throughout the entire enterprise network. In addition, Branch Office allows backups to be done at the Central Office, releaving the worries of doing a daily backup at the branch office. Branch Office also utilizes automatic user access provisioning to provide instant access to file and print services.
What Problems Exist for Corporations Managing Branch Offices?
Remote offices incur several challenges. IS support managers typically experience the following challenges with their remote office:
Cost. Typical WAN connections cost significantly more than an Internet connection.
Backup. They need a reliable way to back up the data at the branch office.
Training. They need trained network personnel to manage the branch site.
Complexity. It is difficult to maintain a distributed directory in the field.
Fault Tolerance. They need a reliable way of incrementally updating branch office data at another (central) site in case of a disaster at the branch office.
Resource Consolidation. They need a good way to consolidate servers, storage, and applications.
If you are running up against similar challenges, read on. Novell Nterprise Branch Office may just be the solution you're looking for.
How Does Nterprise Branch Office Solve These Problems?
Here is how Novell Nterprise Branch Office solves the above problems inherent to maintaining a remote office in a distributed enterprise:
Cost. Branch Office is designed to use standard Internet connections, thereby eliminating the high cost of leased WAN lines.
Backup. Branch Office allows you to centralize all your backups at the corporate office as part of your overall company backup/disaster recovery architecture.
Training. With Branch Office, you don't need to have trained personnel at the branch offices because the appliance can be fully administered from the corporate data center.
Complexity. Network personnel at the central office are much more likely to have experience and expertise in managing a distributed network.
Fault Tolerance. Using an open-source technology called RSync, Branch Office synchronizes changes from the branch offices to the corporate site on a daily basis, providing fault tolerance for all of your branch office users' data. Using RSync technology, Branch Office initially does a full backup from the branch office to the central office. After that, delta block backups are done only to the data that changes, thereby reducing network traffic significantly.
Resource Consolidation. Branch Office consolidates resources by allowing several of your network needs to be accessible from a single "black-box" appliance.
Key Features of Novell Nterprise Branch Office
In addition to its scalability, Nterprise Branch Office provides directory-based security, manageability, and reliability. Several other key features make Branch Office an attractive solution for remote office management. Some of these features are outlined below.
User Access Provisioner
User Access Provisioner synchronizes users from the corporate LDAP server to the Branch Office appliance for instant access to file and print services at the branch office. This can be likened to an "authentication cache" on the branch office appliance. Once a user logs in, a copy of his/her credentials is stored on the local appliance for fast, local authentication. (This is a Novell patent-pending technology.)
RSync
RSync is an open source utility incorporated into Branch Office that copies delta changes from branch offices back to a centralized server at the corporate office. RSync provides fast incremental file transfer. Transferring files to the central office using RSync eliminates the need for local backups and increases your disaster preparedness since a copy of your data and user accounts exists in another location.
Note: Novell recommends that the corporate server be configured in some sort of fault tolerant configuration (such as a cluster) so that your central data store is protected against loss on the corporate side.
For more information on other functionality that is available when using RSync technology, see the RSync Web site at http://www.rsync.org.
Printing via Novell iPrint
Printing with Branch Office is done via iPrint, the award-winning Internet printing solution that also ships with NetWare 6. With iPrint as the basis for the Branch Office printing system, configuring printing has never been easier. You can set up access to printers from the Branch Office appliance or via the Web Administrator utility. From Novell Nterprise Branch Office Web Administrator, you can do the following printing-related tasks:
Add a printer
Remove a printer
Modify a printer's properties
Manage a printer
Manage print jobs
Add printer drivers
For details on configuring printing in Novell Nterprise Branch Office, see the online documentation at http://www.novell.com/documentation/lg/nbo.
Centralized Management
Centralized management fits in well with the basic idea of a central office/branch office model. Most large companies have a main office where their primary server center is located. They also have several field offices scattered around the world. In this scenario, the main office would be the central office and all the field offices would be the branch offices.
Nterprise Branch Office provides a low or almost no maintenance appliance- based solution for managing these branch offices. The employees at the branch offices do not need to worry about the administration of the appliance, since it can be administered by IS personnel in the central office via the Internet using Branch Office Web Administrator. In addition, the central office IS people can administer services such as backing up the appliance's data and printing.
File Protocol Support
Branch Office supports many file protocols to allow native storage access for any type of client on your network, including Novell, Windows, and Web-based clients. The protocols supported are:
NetWare Core Protocol (NCP)
File Transfer Protocl (FTP)
HyperText Transfer Protocol (HTTP)
Microsoft's Common Internet File Protocol (CIFS)
UNIX's Network File System (NFS)
Apple's Apple File Protocol (AFP)
This means that no matter how your employees currently access their data, they can continue to use the same method with Nterprise Branch Office. And they can access these files using the Novell client, Microsoft client, UNIX client, or through a Web browser using the Nterprise Branch Office Portal.
Portal Access
With Branch Office, you have the ability to select the corporate name and logo you want to appear in the upper-left corner of the Branch Office Portal. This name and logo will be seen by end-users. You can also select a list of shared links that will be displayed in My Web Links in the Branch Office Portal. This is useful if your company has links that everyone in the company accesses frequently, such as your corporate home page or benefits page. You can also create a new Web page and customize it with gadgets.
Configuration from a File or Disk
You can export (save) appliance configuration settings to a configuration file and import (apply) them. This can be useful if you are setting up several appliances with the same basic configuration. You could set up one appliance and then export the appliance configuration to a file, change the IP address and name for each new server, and import the modified configuration file on the other appliance.
Compatibility with Existing Backup Solutions
If you already have a backup system set up at your branch offices, you can continue using that solution instead of replicating changes to the corporate office and doing backups there. It's as simple as checking a box to enable backup and replication to your current Novell tape backup solution.
Requirements for Running Branch Office
Novell Nterprise Branch Office is a software-only solution that can be set up on your choice of hardware. However, it is highly recommended that you use hardware that has been tested and approved by Novell. This way Novell can guarantee that your hardware will work as seamlessly as possible with Branch Office software.
Hardware Requirements for the Branch Office
The minimum hardware requirements for the Branch Office appliance are as follows:
Server class PC with a a Pentium II or AMD K7 processor or better (Branch Office support multi-processor machines with up to 32 processors)
512 MB of RAM minimum (1 GB recommended)
SVGA display adapter and monitor, with connecting cable
Only one NetWare-certified PCI or built-into-motherboard network card , with standard network cable
Standard PC keyboard
USB, PS/2, or serial mouse (recommended, but not required)
9 GB hard disk storage minimum (if you are using SCSI or RAID drivers, make sure they are initialized prior to installation)
Bootable CD-ROM drive and floppy drive for loading the Novell Nterprise Branch Office appliance software
IP address, subnet mask, and (optional) gateway address for the appliance's eth0 network card
DNS server address (if you do not have a DNS server address, the appliance status will show an alert, but the appliance will still function)
You will also need a workstation for accessing Branch Office Web Administrator. This workstation must be running Windows Internet Explorer 5.0 or later with Java Virtual Machine (JVM) from Microsoft or Sun loaded and have access to subnet that the appliance is on.
Hardware Requirements for the Data Center
The minimum hardware requirements for the data center are as follows:
One server running either NetWare 6 with Support Pack 2, or NetWare 5.1 with Support Pack 5 and eDirectory upgraded to 8.6.2 SP2 or later, and Netware JVM 1.3 (you must have administrative rights to this server)
(Optional) One NetWare 6 server with SP2 or later for backing up data to the central office using RSync software (you must have administrative rights to this server)
(Optional) An LDAP-enabled eDirectory tree running DS 8.6.2 SP 1 or later with simple passwords assigned to all users (you must have administrative rights to this server)
The following ports open on the firewall:
PortUsed For20
FTP
21
FTP
80
HTTP
111
NFS
443
HTTPS
631
IPP (Printing)
636
LDAPS
873
RSync
1229
ZENworks for Servers Tiered Electronic Distribution
2049
NFS
2121
FTP administration
2222
Web-based administration utility
8080
iManager
You'll also need a workstation running the latest Novell Client, ConsoleOne 1.3.3 or later, and (optional) iManager 1.5 for enabling simple passwords for all users.
Software Components of Branch Office
Branch Office includes two CDs: the Nterprise Branch Office Central Office CD (referred to as the Central Office CD) and the Nterprise Branch Office Soft Appliance CD (referred to as the Soft Appliance CD).
Central Office CD. The Central Office CD includes software that needs to be installed on your central office server if you are using LDAP authentication or if you will be backing up to the central office server. This software includes:
NICI v2.4.1 (Novell International Cryptographic Infrastructure server software)
NMAS v2.1 SE (Novell Modular Authentication Service)
Novell iManager 1.5
Novell eDirectory 8.6.2 SP2
RSync
Soft Appliance CD. The Soft Appliance CD is an autorun CD that images and initializes your appliance hardware when the CD is loaded as the hardware boots up. You can remove the CD after the appliance has been initialized.
Warning: If you insert the Soft Appliance CD during boot up, your hardware will be re-initialized and all your settings and data may be lost.
Setting Up the Appliance via the Wizard
Branch Office Web Administrator runs a wizard the first time you access it through a Web browser (see Figure 1).
The Novell Nterprise Branch Office setup wizard.
The wizard helps you configure the basic appliance settings you need to get up and running, including the User Access Provisioner and RSync. You then have the ability to further administer the appliance, user accounts, and file access using other pages in the Branch Office Web Administrator.
Managing the Appliance
Branch Office can easily be configured and managed to work with your existing network. You can manage IP addresses, file access protocols, user authentication, and administrative access. In addition, you can set up printers, data replication, and date and time on the appliance. The best way to manage the appliance is with the Branch Office Web Administrator.
There are four icons at the top of the Branch Office Web Administrator. The first selects the Configuration (default) screen, as shown in Figure 2.
Branch Office Web Administrator Configuration panel.
The Configuration Panel allows you to configure many system parameters, including the following:
IP settings
Date and Time settings
Import/Export configurations to/from a floppy disk
Backup and Replication settings
Portal Administration
iPrint settings
Upgrade settings
The second icon selects the File Access Panel, as shown in Figure 3.
Branch Office Web Administrator File Access panel.
The File Access panel allows you to do the following:
Copy a file
Upload a file to the appliance
Download a file from the appliance
Create a new folder
Delete a file or folder
Rename a file or folder
Set properties for a file or folder
Assign rights to volumes, folders, and files
Set user access rights to a volume, folder, or file
Work with the Trash, including restoring files and folders, emptying a specific file or folder version from the trash, and emptying all versions of a specified file or folder
The third icon selects the User Access panel, as shown in Figure 4.
Branch Office Web Administrator User Access panel.
User accounts can originate from several potential sources, depending on the authentication options you are using. You can create them on the appliance, import Windows NT users, or provide access to UNIX users. After you create the user accounts and grant them access to the appliance, users can access the files stored on the appliance.
The User Access screen allows you to do the following:
Create a new user
Create a new group
Modify a user's attributes
Modify a group's attributes
Delete a user
Delete a group
Import users
Import groups
The fourth icon selects the Monitoring and Statistics panel, as shown in Figure 5.
Branch Office Web Administrator Monitoring and Statistics panel.
As an administrator, you will want to periodically check the health of your Branch Office appliance. Also, you might need to troubleshoot network conflicts or other issues on the appliance. The Monitoring and Diagnostics panel helps you with such tasks as checking the appliance's health status and gathering information about disk status and disk usage.
The Branch Office appliance conducts several tests to make sure that your appliance is configured correctly. The appliance health status is displayed with the Status icon in the upper-left corner of the browser-based interface. When the appliance is correctly configured, the status is Green. When there are problems that do not stop the appliance from its basic functions but which might mean that the appliance is not optimized, the status is Yellow. When there are serious configuration issues that impede the appliance, the status is Red.
In addition to the appliance status, the following items may be monitored:
Memory and CPU usage
Network connections
Network traffic
Appliance storage capacity
IP utilities such as Ping
Conclusion
Novell Nterprise Branch Office provides an effective solution for allowing the administration of branch offices from a central location. With Branch Office, you can back up data from the branch office to the central office. The central office provides redundancy for the branch office should anything ever happen to the Branch Office appliance.
* Originally published in Novell AppNotes
Disclaimer
The origin of this information may be internal or external to Novell. While Novell makes all reasonable efforts to verify this information, Novell does not make explicit or implied claims to its validity.