Specifications
©
2002, David K. Z. Harris
46
Pg. 46
© 2002
David K. Z. Harris
Advanced Architectures (#10)
Ø One server for control
Ø Secondary logging server
² Dedicated machine
² No NFS dependencies
² Only 1-2 admins
² Physically secured
² Strictly READ ONLY
Ø Ports from devices connected to
two jacks!
D
F
H
G
RW
RO
Legend: G = signal ground, D = tx and rx data, F = hardware flow control
leads, and H = hardware handshaking leads.
Basically, only the signal ground and the data coming from the attached
console is delivered to the second port. There is no way to control the attached
device from this second port, but you do get a second logging server, to
provide a method for you to validate logs on the primary server.
This can be applied in an environment where your logs may be audited, and
you need a way to reduce the chances of someone being able to tamper with
logs.
One console server is deployed, and is used by console clients. This server can
be managed across the network, and probably is a dedicated device, with a
minimum number of login accounts.
A second console server is added, which is also dedicated to this task, but is
also designed to be a stand-alone server, with no file dependencies to other
hosts on the network. You would have a local monitor and keyboard, but this
is all in a physically secure location, to prevent access by unauthorized folks.
The console wiring from the attached devices is brought back to the secure
location, and connected to TWO sets of jacks (for each attached device). All
wires are connected to the RW jack, while only signal ground and receive data
are connected to the read-only jack. The RO jacks connect to the second
server.