User manual NOVELL ZENWORKS NETWORK ACCESS CONTROL 5.0 09-22-2008

[. . . ] novdocx (en) 24 March 2009 AUTHORIZED DOCUMENTATION Users Guide Novell® 5. 0 ZENworks® Network Access Control September 22, 2008 www. novell. com Novell ZENworks Network Access Control Users Guide novdocx (en) 24 March 2009 Legal Notices Novell, Inc. , makes no representations or warranties with respect to the contents or use of this documentation, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. , reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. , makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. , reserves the right to make changes to any and all parts of Novell software, at any time, without any obligation to notify any person or entity of such changes. [. . . ] 2e After the installation is complete, log in to the Novell ZENworks Network Access Control user interface and check for rule updates (System configuration>>Test updates>>Check for test updates). 3 Restore the data by following the instructions in "Restoring to the Same Server" on page 340. Restoring to the Same Server To restore system configuration and data from a backup file to the same server: Home window>>System configuration>>Maintenance 1 Click restore system from backup file. The Restore system window appears: Figure 16-1 Restore System 2 Enter the backup file name or click Browse and navigate to the backup file. 4 The system data is restored and the login window appears: Figure 16-2 Login 340 Novell ZENworks Network Access Control Users Guide novdocx (en) 24 March 2009 16. 7. 3 Restoring the Original Database IMPORTANT: Running this script resets your entire system, not just the database. See Section 16. 5. 8, "Resetting your System, " on page 335 for more information. To reset a Novell ZENworks Network Access Control database to its pristine state: Command window 1 Log in as root to the Novell ZENworks Network Access Control MS using SSH. 2 Enter the following commands: resetSystem. py This script shuts down all of the services, cleans the database, iptables, and DHCP server, and restarts everything. 16. 7. 4 Generating a Support Package To generate a support package: See Section 3. 16, "Downloading Support Packages, " on page 116. 16. 8 System Requirements The following hardware and software is required to install and operate Novell ZENworks Network Access Control: Table 16-3 ZENworks Network Access Control System Requirements Item Minimum Recommended Server -- A dedicated server or servers for product installation with the following minimum system requirements: System Administration 341 novdocx (en) 24 March 2009 Item Minimum Recommended Processor Pentium 4 2 GHz Pentium 4 or higher 2. 8 GHz 4 GB 146 GB 10/100/1000 (Intel) RAM Disk space Multiple-server installation: 2 GB 73 GB 10/100/1000 (Intel) MS installation -- One server-class network interface cards (NICs) and -- ES installation -- DHCP -- Two server-class network interface cards (NICs) Inline -- Two server-class network interface cards (NICs) 802. 1X-enabled installation -- One server-class network interface cards Single-server installation -- Two server-class network interface cards (NICs) CD-ROM drive yes yes yes An Internet connection or a Web proxy yes server that allows outbound HTTPS communications from the MS. Workstation -- A workstation running one of the following browsers with 128-bit encryption: Windows -- Mozilla version 1. 7 Mozilla Firefox version 1. 5 Internet Explorer 6. 0 and 7. 0 Linux -- Mozilla version 1. 7 License -- A subscription license key Product updates -- The latest Novell ZENworks Network Access Control product updates yes yes yes yes yes yes TIP: It is strongly recommended that you use the server-class Intel NIC cards. If you use a different NIC card, you might be unable to connect, or experience unpredictable results and availability. If you did not receive one, contact Novell Support (http://www. novell. com/support) or call (800) 858-4000). 342 Novell ZENworks Network Access Control Users Guide novdocx (en) 24 March 2009 16. 9 Supported VPNs Novell ZENworks Network Access Control works with any VPN endpoint, since Novell ZENworks Network Access Control does not directly interface or inter-operate with VPN endpoints. The following commonly deployed VPN solutions have been tested: Cisco VPN Concentrators OpenSSL VPNs Protocols supported: IPSec L2TP PPTP SSL 16. 10 Adding Custom Tests The following sections contain more information: Section 16. 10. 1, "Introduction, " on page 343 Section 16. 10. 2, "References, " on page 343 Section 16. 10. 3, "Changing the Error Messages in a Test Script, " on page 344 Section 16. 10. 4, "Creating a Custom Test Class Script from Scratch, " on page 347 Section 16. 10. 5, "BasicTests API, " on page 356 16. 10. 1 Introduction Novell ZENworks Network Access Control is an efficient, flexible and extensible testing platform. All tests are implemented in the object oriented programming language called Python. Because the language is object oriented and the Novell ZENworks Network Access Control test platform is extensible, new tests can be developed easily. Existing tests can also be extended using inheritance--a programming language's ability to derive one class/script from another class and override and extend methods of that class. If you have previously used Perl to complete these tasks, you might find that Python is a better choice as a programming language for the tasks described in the following sections. IMPORTANT: You should familiarize yourself with Python and with the rest of the Novell ZENworks Network Access Control product before attempting to create custom test scripts. 16. 10. 2 References This version of Novell ZENworks Network Access Control uses Python v2. 4. 1: Python home: http://www. python. org/ (http://www. python. org/) System Administration 343 novdocx (en) 24 March 2009 Python 2. 4. 1 tutorial: http://www. python. org/doc/2. 4. 1/tut/tut. html (http://www. python. org/ doc/2. 4. 1/tut/tut. html) Python language reference: http://www. python. org/doc/2. 4. 1/ (http://www. python. org/doc/ 2. 4. 1/) Sample test scripts are on the Novell ZENworks Network Access Control CD in the / sampleScripts folder. 16. 10. 3 Changing the Error Messages in a Test Script Using Python, try changing the error messages in an existing test script. This task can help you to familiarize yourself with the Novell ZENworks Network Access Control scripting API. Each Novell ZENworks Network Access Control test script defines a test class. To change an error message, create a new script that derives a new test class from an existing test class and modify the return hash of the runTest method. For example, to change an error message: 1 Log in as root to the Novell ZENworks Network Access Control server using SSH. 2 Open the /sampleScripts/myCheckSoftwareNotAllowed. py file on the Novell ZENworks Network Access Control CD in a text editor. [. . . ] These peer nodes function both as clients and servers to other nodes and can perform any client or server function. P2P software allows users to connect directly to other users and is used for file sharing. Many P2P software packages are considered spyware and their use is generally discouraged. PDA Personal Digital Assistant -- A small, portable electronic device that includes features normally found on a computer, cell phone, music player, and other functionality. [. . . ]