4.2. Setting the Network Connections
General Information

The following clients connect to Enterprise Server:

◆ Enterprise Agents,
◆ Network Installers of Enterprise Agents,
◆ other Enterprise Servers.

A connection is always initiated by the client.

The following schemes for connecting to the Server are available:

1. Using direct connections. This approach has many advantages, but it is not preferable in some situations, and some situations are not compatible with it.
2. Using the Server Detection Service. Clients use this Service by default (unless another scheme is set explicitly). This approach is useful if the whole system needs to be reconfigured, in particular if you need to move the Server to another computer or change the IP address of the computer with the Server.

If you configure the anti-virus network to use direct connections, the Server Detection Service can be disabled. To do this, in the transport settings (Administration → Dr.Web Enterprise Server Configuration → Transport tab), leave the Cluster address field empty.

Dr.Web Enterprise Server Setup

In the Server settings, the address on which the Server listens for incoming TCP connections must be set (see Appendix E. The Specification of Network Addresses). You can specify this parameter in the following Server setting: Administration → Dr.Web Enterprise Server Configuration → Transport → Address field.

By default, the Server listens on the following addresses:

◆ tcp/0.0.0.0:2371 - supported for backward compatibility; in particular, to avoid some problems when upgrading to version 5.0 from version 4.XX, which uses port 2371.
◆ tcp/0.0.0.0:2193 - to use port 2193, registered for Dr.Web in IANA.

The 0.0.0.0 designation means "all network interfaces" of the computer on which the Server is installed.

For the whole Dr.Web Enterprise Security Suite anti-virus network to function properly, it is enough for the Server to listen on at least one TCP port that is known to all clients.
Dr.Web Enterprise Agents Setup

During the Agent installation, the Server address (IP address or hostname of the computer on which the Server is launched) can be set directly in the installation parameters:

drwinst <Server_Address>

For the Agent installation, it is recommended to use the Server name registered in the DNS service. This simplifies reconfiguring the anti-virus network if Enterprise Server is moved to another computer.

By default, the drwinst instruction launched without parameters scans the network for Enterprise Servers and tries to install the Agent from the first Server found (Multicast mode using the Server Detection Service).

Thus, the Server address becomes known to the Agent during installation. You can change the Server address in the Agent settings manually later. To view and edit the settings of the connection to the Server, use the Agent context menu item Settings → Connection.

Dr.Web Enterprise Server Detection Service

In this connection scheme, the client does not know the Server address in advance. Before each connection is established, the Server is searched for in the network. To do this, the client sends a broadcast query and waits for a response that includes the Server address. After the client receives the response, it establishes a connection with the Server.

To implement this scheme, the Server must "listen" to the network for such queries.

Several implementations of this scheme are available. Most importantly, the Server search method on the client side must match the response part on the Server side.

The Multicast over UDP mode is used by default in Dr.Web Enterprise Security Suite:

1. The Server registers in the multicast group with the 231.0.0.1 address.
2. Agents send multicast queries to the 231.0.0.1 group address during the Server search.
By default, the Server listens on the following addresses (similarly to direct connections):

◆ udp/231.0.0.1:2371
◆ udp/231.0.0.1:2193

This parameter is set in the Server settings: Administration → Dr.Web Enterprise Server Configuration → Transport tab → Cluster address field.

Firewall Setup

For the anti-virus network components to communicate, all ports and interfaces used by these components must be opened on all computers in the anti-virus network.

During Server installation, the installer can add exceptions to the OS firewall settings (except on Windows 2000). To do this, set the Add Server ports and interfaces to firewall exceptions flag.

If a firewall other than the built-in Windows firewall is in use, the network administrator should set it up manually.
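The following added example (not part of the Dr.Web documentation) derives the inbound allowances a Server host needs from the Address and Cluster address values given above, which is useful when a firewall has to be set up manually. The function names are hypothetical, and the parser is an assumption that handles only the proto/IPv4:port form shown on this page, not the full Appendix E syntax.

```python
import ipaddress
from typing import NamedTuple

# Default values quoted from this page.
DEFAULT_ADDRESS = ["tcp/0.0.0.0:2371", "tcp/0.0.0.0:2193"]
DEFAULT_CLUSTER = ["udp/231.0.0.1:2371", "udp/231.0.0.1:2193"]

class Endpoint(NamedTuple):
    proto: str
    host: ipaddress.IPv4Address
    port: int

def parse_endpoint(spec):
    """Parse 'proto/a.b.c.d:port' (assumption: only the form shown on this page)."""
    proto, _, rest = spec.strip().partition("/")
    host, _, port = rest.rpartition(":")
    if proto not in ("tcp", "udp") or not port.isdigit() or not 0 < int(port) < 65536:
        raise ValueError(f"unsupported address spec: {spec!r}")
    return Endpoint(proto, ipaddress.IPv4Address(host), int(port))

def inbound_rules(address_field, cluster_field):
    """Return (rules, warnings) for the Server host.

    address_field: values of the Transport -> Address field (TCP listeners).
    cluster_field: values of the Cluster address field; an empty list means
    the Server Detection Service is disabled, so no UDP rule is produced.
    """
    rules, warnings = [], []
    for spec in address_field:
        ep = parse_endpoint(spec)
        if ep.proto != "tcp":
            warnings.append(f"{spec}: Address field is for TCP listeners")
        if ep.host.is_unspecified:
            warnings.append(f"{spec}: reachable on all network interfaces")
        rules.append((ep.proto, str(ep.host), ep.port))
    for spec in cluster_field:
        ep = parse_endpoint(spec)
        if ep.proto != "udp" or not ep.host.is_multicast:
            warnings.append(f"{spec}: expected a UDP multicast group address")
        rules.append((ep.proto, str(ep.host), ep.port))
    return rules, warnings

if __name__ == "__main__":
    # Second case is a constructed direct-connections-only setup (192.0.2.10 is a sample address).
    for fields in ((DEFAULT_ADDRESS, DEFAULT_CLUSTER), (["tcp/192.0.2.10:2193"], [])):
        rules, warnings = inbound_rules(*fields)
        print("allow inbound:", rules)
        print("review:", warnings)
```

With the default values, the result lists two TCP and two UDP allowances and marks both TCP listeners as reachable on all interfaces; with an empty Cluster address and a single bound address, only one TCP allowance remains.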