The memoq server in a Corporate Network



Similar documents
The memoq server in a Corporate Network

Georgia College & State University

Setting Up Internet Access with the Swann DVR4Net PCI Card

Network Configuration Settings

BlackBerry Enterprise Server for Microsoft Office 365 preinstallation checklist

Lab Configuring Access Policies and DMZ Settings

home networking series Advanced manual - HOME NETWORKING

Chapter 15: Advanced Networks

MN-700 Base Station Configuration Guide

Network System Management. Creating an Active Directory Domain

Chapter 4 Customizing Your Network Settings

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

Copyright International Business Machines Corporation All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure

Chapter 4 Customizing Your Network Settings

This document details the following four steps in setting up a Web Server (aka Internet Information Services -IIS) on Windows XP:

DEERFIELD.COM. DNS2Go Update API. DNS2Go Update API

How to Configure Active Directory based User Authentication

Chapter 3 Security and Firewall Protection

Technical Brief for Windows Home Server Remote Access

Lab Configuring Access Policies and DMZ Settings

White Paper Copyright 2011 Nomadix, Inc. All Rights Reserved. Thursday, January 05, 2012

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

Step-by-Step Configuration

How To Plan A Desktop Workspace Infrastructure

IMF Tune Quarantine & Reporting Running SQL behind a Firewall. WinDeveloper Software Ltd.

allow all such packets? While outgoing communications request information from a

Firewall Environments. Name

How to Configure Split DNS

1 Axis camera configuration IP configuration Setting up date and time Installing an IPS Analytics Application...

Security perimeter white paper. Configuring a security perimeter around JEP(S) with IIS SMTP

Linux and the Internet, Servers, Ports, Firewalls

A) Secure Virtual Private Network (VPN) access services.

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

1 PC to WX64 direction connection with crossover cable or hub/switch

ClearOS Network, Gateway, Server Quick Start Guide

Deploying ModusGate with Exchange Server. (Version 4.0+)

INTERNET DOMAIN NAME SYSTEM

Chapter 5 Customizing Your Network Settings

Appendix D: Configuring Firewalls and Network Address Translation

Guide to Setting up Internet Connection Sharing for Windows

1 You will need the following items to get started:

Scalable Secure Remote Access Solutions

Networking Domain Name System

Payment Card Industry (PCI) Data Security Standard

Acronis Backup & Recovery 11.5 Quick Start Guide

LAN TCP/IP and DHCP Setup

Implementing Microsoft Exchange Mail on Demand

Installation Guide For Choic Enterprise Edition

NOTE: Labs in this course are based on the General Availability release of Windows Server 2012 R2 and Windows 8.1.

Hands-on Network Traffic Analysis Cyber Defense Boot Camp

Computer Networking. Definitions. Introduction

Firewalls. Ahmad Almulhem March 10, 2012

Overview. Firewall Security. Perimeter Security Devices. Routers

Networking Best Practices Guide. Version 6.5

NETWORK SET UP GUIDE FOR

TRUFFLE Broadband Bonding Network Appliance BBNA6401. A Frequently Asked Question on. Link Bonding vs. Load Balancing

How to Remotely View Security Cameras Using the Internet

FREQUENTLY ASKED QUESTIONS

SQL EXPRESS INSTALLATION...

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

DB Administration COMOS. Platform DB Administration. Trademarks 1. Prerequisites. MS SQL Server 2005/ Oracle. Operating Manual 09/2011

Network Setup Guide. 1 Glossary. 2 Operation. 1.1 Static IP. 1.2 Point-to-Point Protocol over Ethernet (PPPoE)

DNS Server Operation & Configuration

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

Installing and Configuring Windows Server 2012

Novell Open Workgroup Suite

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

A Quick Guide to Publish Thecus NAS on Internet. Contents

2X SecureRemoteDesktop. Version 1.1

Copyright 2005 Danware Data A/S. Portions used under license from third parties. All rights reserved. Document revision: Please send comments

freesshd SFTP Server on Windows

M2M Series Routers. Port Forwarding / DMZ Setup

How to Configure the Windows DNS Server

Owner of the content within this article is Written by Marc Grote

Understand Troubleshooting Methodology

Vico Software Installation Guide

Machine control going www - Opportunities and risks when connecting a control system to the Internet

Kerio Control. Step-by-Step Guide. Kerio Technologies

Installing the Microsoft Network Driver Interface

MCSA Server (Exam )

NETWORK SETUP GLOSSARY

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

TRUFFLE Broadband Bonding Network Appliance. A Frequently Asked Question on. Link Bonding vs. Load Balancing

LinkProof DNS Quick Start Guide

Network Address Translation (NAT)

Installation Guide. Research Computing Team V1.9 RESTRICTED

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

The PostBase Connectivity Wizard

AirStation VPN Setup Guide WZR-RS-G54

Installing and Configuring Windows Server 2012

Internet Services. Amcom. Support & Troubleshooting Guide

Remote Connection to Your Computers

EZblue BusinessServer The All - In - One Server For Your Home And Business

PolyServe Understudy QuickStart Guide

VIDEO Intypedia013en LESSON 13: DNS SECURITY. AUTHOR: Javier Osuna García-Malo de Molina. GMV Head of Security and Process Consulting Division

WatchGuard Mobile User VPN Guide

Chapter 7. Address Translation

athenahealth Interface Connectivity SSH Implementation Guide

Transcription:

The memoq server in a Corporate Network Version 3.5 LSP Guide memoq copyright 2004-2009 Kilgray Translation Technologies. All rights reserved. Contents The memoq server in a Corporate Network...1 Version 3.5...1 LSP Guide...1 Contents...1 1 Overview...2 2 Possible Network Setups...3 3 IP Addresses...5 4 The Client Connect Address Problem...6 5 Resolving the Client Connect Address Problem...7

The memoq server in a Corporate Network LSP Guide 2 1 Overview Language service providers (LSPs) usually work with mixed teams consisting of internal staff and external contractors, or freelancers. When a translation task requires a team with multiple translators and/or reviewers, it is natural to use a translation memory server or a translation project server such as the memoq server. If a team includes both internal staff and freelancers, the same server needs to be accessible both from the LSP s internal network, and the Internet. This might present difficulties for the LSP because the same server might be visible at one specific address for the internal network, and another address from the Internet. For the memoq server, this might be a problem because it exposes one and only one client connect address. This address is included among the server project details: when a translator or a reviewer is checking out a server project, the memoq desktop program will look for the published translation memories and termbases using this client connect address. However, if the server physically resides in the company network, client computers need to use a different address depending on whether they are inside the network, or accessing it from the Internet. Since you cannot specify two or more client connect addresses in the memoq server, this might cause an issue in the network setup. This document describes the problem in a non-technical manner, and outlines the possible solutions. It is important to note that the issue is not directly related to the configuration of the memoq server rather, it concerns the overall network setup of the company.

The memoq server in a Corporate Network LSP Guide 3 2 Possible Network Setups An organization has two options to place their public servers. Smaller organizations prefer to put up their servers outside the company network, in a hosting center of an ISP (Internet Service Provider). In this setup, the organization itself accesses the server over the Internet, so the server has one address indeed. This means that hosted servers do not expose the problem outlined above, so this setup will not be considered further on. The second option is used by larger organizations that have a proper company network with a suitable broadband Internet connection. Such organizations place (some of) the public servers within the company network, retaining full control over the data and configuration on the server (as opposed to hosted servers). An organization usually protects its network from Internet-originated attacks using firewalls. A firewall is a dedicated computer with a piece of software that monitors incoming traffic (data), and detects potential threats. It can also be used to control access to one part of the network or another, or to control/restrict the Internet access for the internal computers or users. If an organization has no servers in its internal network, the firewall usually blocks all incoming traffic (data). This means that no connection can be initiated from the outside. This is just like a phone that can be used to make calls but cannot be called. If the connection is initiated from the inside for example, a user accesses a web page or downloads her e-mails the firewall will of course let in the reply to the request. Give me that webpage! Give me that webpage! Give me that webpage! Figure 1: A simple small business network with no servers and a fully blocking firewall If there is a server in the network, however, the setup becomes more complicated. The company network will be split into two parts, and will have at least two firewalls.

The memoq server in a Corporate Network LSP Guide 4 There will be a part where computers cannot be accessed from the outside. This will have the same full protection as the network in Figure 1. The other part contains the servers that make some of their services public. However, these servers will still be protected by a firewall because the company wants to retain total control and protection of the data stored on them. In other words, the servers will be opened up very carefully, making sure that nothing is exposed that does not explicitly need to be exposed. This network will contain two firewalls. The outside firewall will have somewhat permissive settings so that the services published by the servers are accessible from the Internet. The inside firewall, however, will still block all incoming requests. Between the two firewalls is a socalled de-militarized zone, or DMZ. If a memoq server is hosted within a company network, it is most likely it will be put in a DMZ. Internal network here are the client computers Internal firewall DMZ here are the servers External firewall Internet Figure 2: Scheme of a corporate network with servers placed in a DMZ The servers placed in the DMZ are accessed from two networks: from the internal network and the Internet.

The memoq server in a Corporate Network LSP Guide 5 3 IP Addresses The rules that govern how computers talk to each other on a network is called the TCP/IP protocol suite. One of the rules is that each computer must have at least one address consisting of four numbers such as 81.116.212.59 or 192.168.0.49. These addresses are called the IP addresses. Different networks have different address ranges. The Internet is in fact made up from an enormous amount of networks (so it is a network of networks) having different address ranges. There are special address ranges that are considered as private. If a computer has a private address, it cannot be directly accessed from the Internet. Such addresses start with the numbers 192.168, 172.16, or 10. This means that a computer with the address 192.168.0.26 is not accessible from the Internet, whereas one with the address 81.92.178.3 is. Different networks can be connected to each other using a device called the router. The Internet contains an enormous amount of interconnected routers, this is why any two computers on the Internet can actually talk to each other, regardless of the network they are in. Private networks are also hooked up to the Internet using a router that usually also acts as a firewall. The internal network of a company tends to be a private network. Most likely they have an address range like 192.168.1.101 192.168.1.223 or similar. These addresses are not accessible from the Internet. When this network is hooked up to the Internet, it will receive one public IP address that is accessible from the outside. This means that from the Internet, the entire private network will look like a single computer having a public IP address such as 86.176.45.9. The router will take care of distributing the incoming data among the internal computers. If a private network contains a server such as the memoq server, it will be accessible through two IP addresses: one private address, and one public address (that will probably be the single public address the network has). Funnily enough, the single external address of a private network can never be accessed from within the private network itself. This is to prevent circular traffic or direct feedback, which would mean a blowup of the amount of data transferred over the network, and would cause the network to stop functioning.

The memoq server in a Corporate Network LSP Guide 6 4 The Client Connect Address Problem The memoq server can have exactly one client connect address. If the server that runs the memoq server software has two IP addresses, only one of those can be used to contact the server. In this setup, the following problems can happen: (1) If the client connect address is set to the internal IP address of the server, only the internal users can check out server projects from the server. External users will not be able to check out server projects. (2) If the client connect address is set to the external IP address of the server, only teh external users can check out server projects from the server. This will not work for the internal users. If a mobile user brings in her laptop in the internal network, she will not be able to access the same server projects that worked fine earlier. In all other respects, the server can be accessed both internally and externally because the client connect address is not used when the users access translation memories or term bases on the server without a server project.

The memoq server in a Corporate Network LSP Guide 7 5 Resolving the Client Connect Address Problem The client connect address problem goes away if you can use one single name or address for the server, and this name is equally valid in both the internal and external networks. We already know that this is not possible by using IP addresses. The problem can be solved by using DNS names instead of IP addresses. A DNS name or fully qualified domain name, FQDN is a friendly name for a computer that can be used in lieu of an IP address. For example, there is a computer with the IP address 195.56.44.105. This IP address is not known to many people because this computer is almost always accessed by the name www.kilgray.com. When you type the www.kilgray.com address into your browser, your computer will contact another server called the DNS (Domain Name System) server. This server is operated by your internet service provider (ISP). Its task is to find the IP address for names like this. In finding the IP address, the ISP s DNS server co-operates with other DNS servers on the Internet. By the clever use of DNS servers, it is possible to assign the same name (like www.kilgray.com ) to multiple IP addresses. This means that the server should be accessible by the name memoqserver.lspname.com both from the internal and the external computers. Let s suppose there is a memoq server in the internal network whose internal IP address is 192.168.2.11, and external IP address is 81.195.46.7 The memoq server s client connect address is set to memoqserver.lspname.com. This setup works if the internal computers, when accessing memoqserver.lspname.com are directed to 192.168.2.11 (the internal IP address), and the external computers, when accessing the same domain name, are directed to 81.195.46.7. This means that the DNS servers should say different addresses to the internal and the external computers. There are two possible solutions to this: 1. Setting up an internal DNS server. This is the way to go if the internal network uses Active Directory. If you use Active Directory, at least one server in your organization should work as a DNS server anyway. You can create a zone for your lspname.com domain on the internal DNS server, and instruct it to return the internal IP address of the memoq server when queried. All other DNS queries (such as web page requests) should be forwarded to the external DNS server usually run by your ISP. The internal DNS server can do this easily. The internal computers and laptops brought in must be directed to the internal DNS server, but that is easily done through automatic IP configuration (present in almost every network).

The memoq server in a Corporate Network LSP Guide 8 This document does not contain detailed configuration instructions on setting this up since this depends on the type of the DNS server you are using. It also depends on the type of the device that distributes the IP addresses within the network. The latter can be a router/firewall or a separate computer (running mostly Linux or Windows) with DNS server software. Your IT staff must be able to set this up. 2. Using the HOSTS file. This approach is useful if you have no internal DNS server. Your internal computers use the external DNS server run by the internet service provider. However, there is a file in their system directory that needs to be modified. In Windows, the HOSTS file is in the following folder: C:\Windows\System32\drivers\etc It looks like this: Copyright (c) 1993-2006 Microsoft Corp. This is a sample HOSTS file used by Microsoft TCP/IP for Windows. This file contains the mappings of IP addresses to host names. Each entry should be kept on an individual line. The IP address should be placed in the first column followed by the corresponding host name. The IP address and the host name should be separated by at least one space. Additionally, comments (such as these) may be inserted on individual lines or following the machine name denoted by a '' symbol. For example: 102.54.94.97 rhino.acme.com source server 38.25.63.10 x.acme.com x client host 127.0.0.1 localhost ::1 localhost You need to add one line here: <internal_address_of_memoq_server> memoqserver.lspname.com Using the numbers from the previous example: 192.168.2.11 memoqserver.lspname.com This file contains exceptions to general DNS rules. The system supposes that every IP address should be queried from the external DNS server but these. You need to make this change on the internal computers. This way the DNS server will return the external IP address of the memoq server, but the internal computers will not use that. Instead, they will contact the memoq server using the internal address because of this extra line in the HOSTS file. Note that the second approach will not work with laptops unless the HOSTS file is modified each time the laptop is brought in and taken out.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information