Sun Microsystems 10 User Manual
Version 3.1-en
Solaris 10 Container Guide - 3.1 3. Use Cases
Effective: 30/11/2009
3.4. Multi-network monitoring
Requirement
[dd] A company has several different networks that are separated into several levels either by
firewalls or by routers. A variety of computers are installed in the individual networks. Administration
is to be simplified, and the company would like to be able to "look into" all the networks directly from a
central location and administer without having to connect the networks by routing.
[dd] A company has several different networks that are separated into several levels either by
firewalls or by routers. A variety of computers are installed in the individual networks. Administration
is to be simplified, and the company would like to be able to "look into" all the networks directly from a
central location and administer without having to connect the networks by routing.
Solution
[dd] A central monitoring and administrator server is installed. On this server, several zones are
created that have each a connection to a network. Monitoring or administration of the computers of
the individual networks is done from the zones. The following details are used in particular:
[dd] A central monitoring and administrator server is installed. On this server, several zones are
created that have each a connection to a network. Monitoring or administration of the computers of
the individual networks is done from the zones. The following details are used in particular:
•
Sparse-root zones, that is, the zones inherit everything, if possible, from the global zone.
•
All zones use the same monitoring and administration tools.
•
Monitoring data are stored in file systems that are shared between zones.
•
Data can be evaluated from a local zone or centrally from the global zone.
•
From a central location (the global zone), central configuration files can be distributed directly to
all zones or to all systems in the networks. Circuitous paths via routers and firewalls are omitted.
all zones or to all systems in the networks. Circuitous paths via routers and firewalls are omitted.
•
Routing between zones must be turned off.
•
Option: Use exclusive-IP instances.
Assessment
[dd] This use case has the following characteristics:
[dd] This use case has the following characteristics:
•
The operating division's expenses for creating the zones are low.
•
The administrative overhead decreases for systems in the networks since no multiple login via
routers or firewalls must be performed.
routers or firewalls must be performed.
•
A single point of administration can be created.
•
Relief of the strain on routers and firewalls stemming from network load and additional
configurations.
configurations.
•
Use of uniform monitoring tools.
•
Use of uniform configurations is simplified.
19
Figure 10: [dd] Use case: Multi-network monitoring
Network C
Network D
Network B
Network E
Network A
Network F
Global Zone
System 1
Monitor
A
Monitor
B
Monitor
C
Monitor
D
Monitor
E
Monitor
F