The memoq server in a Corporate Network

Similar documents
The memoq server in a Corporate Network

Setting Up Internet Access with the Swann DVR4Net PCI Card

Network Configuration Settings

BlackBerry Enterprise Server for Microsoft Office 365 preinstallation checklist

Lab Configuring Access Policies and DMZ Settings

home networking series Advanced manual - HOME NETWORKING

Chapter 15: Advanced Networks

MN-700 Base Station Configuration Guide

Network System Management. Creating an Active Directory Domain

CONNECTING TO DEPARTMENT OF COMPUTER SCIENCE SERVERS BOTH FROM ON AND OFF CAMPUS USING TUNNELING, PuTTY, AND VNC Client Utilities

Copyright International Business Machines Corporation All rights reserved. US Government Users Restricted Rights Use, duplication or disclosure

This document details the following four steps in setting up a Web Server (aka Internet Information Services -IIS) on Windows XP:

DEERFIELD.COM. DNS2Go Update API. DNS2Go Update API

How to Configure Active Directory based User Authentication

Chapter 3 Security and Firewall Protection

Technical Brief for Windows Home Server Remote Access

White Paper Copyright 2011 Nomadix, Inc. All Rights Reserved. Thursday, January 05, 2012

Lab Configuring Access Policies and DMZ Settings

Document No. FO1101 Issue Date: Work Group: FibreOP Technical Team October 31, 2013 FINAL:

Step-by-Step Configuration

How To Plan A Desktop Workspace Infrastructure

IMF Tune Quarantine & Reporting Running SQL behind a Firewall. WinDeveloper Software Ltd.

allow all such packets? While outgoing communications request information from a

Firewall Environments. Name

How to Configure Split DNS

1 Axis camera configuration IP configuration Setting up date and time Installing an IPS Analytics Application...

Linux and the Internet, Servers, Ports, Firewalls

Security perimeter white paper. Configuring a security perimeter around JEP(S) with IIS SMTP

Chapter 4 Customizing Your Network Settings

A) Secure Virtual Private Network (VPN) access services.

1 PC to WX64 direction connection with crossover cable or hub/switch

How To - Configure Virtual Host using FQDN How To Configure Virtual Host using FQDN

JK0-022 CompTIA Academic/E2C Security+ Certification Exam CompTIA

ClearOS Network, Gateway, Server Quick Start Guide

Deploying ModusGate with Exchange Server. (Version 4.0+)

Chapter 4 Customizing Your Network Settings

Guide to Setting up Internet Connection Sharing for Windows

1 You will need the following items to get started:

Scalable Secure Remote Access Solutions

Networking Domain Name System

Payment Card Industry (PCI) Data Security Standard

LAN TCP/IP and DHCP Setup

Installation Guide For Choic Enterprise Edition

Computer Networking. Definitions. Introduction

Firewalls. Ahmad Almulhem March 10, 2012

Networking Best Practices Guide. Version 6.5

Overview. Firewall Security. Perimeter Security Devices. Routers

NETWORK SET UP GUIDE FOR

TRUFFLE Broadband Bonding Network Appliance BBNA6401. A Frequently Asked Question on. Link Bonding vs. Load Balancing

How to Remotely View Security Cameras Using the Internet

FREQUENTLY ASKED QUESTIONS

SQL EXPRESS INSTALLATION...

VESZPROG ANTI-MALWARE TEST BATTERY

DB Administration COMOS. Platform DB Administration. Trademarks 1. Prerequisites. MS SQL Server 2005/ Oracle. Operating Manual 09/2011

1 hours, 30 minutes, 38 seconds Heavy scan. All scanned network resources. Copyright 2001, FTP access obtained

Network Setup Guide. 1 Glossary. 2 Operation. 1.1 Static IP. 1.2 Point-to-Point Protocol over Ethernet (PPPoE)

DNS Server Operation & Configuration

Load Balancing. Outlook Web Access. Web Mail Using Equalizer

HP Device Manager 4.7

Firewalls. ITS335: IT Security. Sirindhorn International Institute of Technology Thammasat University ITS335. Firewalls. Characteristics.

Firewalls. Contents. ITS335: IT Security. Firewall Characteristics. Types of Firewalls. Firewall Locations. Summary

VPN Configuration Guide. Linksys (Belkin) LRT214 / LRT224 Gigabit VPN Router

Novell Open Workgroup Suite

2X SecureRemoteDesktop. Version 1.1

Linux firewall. Need of firewall Single connection between network Allows restricted traffic between networks Denies un authorized users

A Quick Guide to Publish Thecus NAS on Internet. Contents

freesshd SFTP Server on Windows

How to Configure the Windows DNS Server

Appendix D: Configuring Firewalls and Network Address Translation

Understand Troubleshooting Methodology

M2M Series Routers. Port Forwarding / DMZ Setup

Owner of the content within this article is Written by Marc Grote

Vico Software Installation Guide

Chapter 5 Customizing Your Network Settings

Machine control going www - Opportunities and risks when connecting a control system to the Internet

Kerio Control. Step-by-Step Guide. Kerio Technologies

Installing the Microsoft Network Driver Interface

INTERNET DOMAIN NAME SYSTEM

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

TRUFFLE Broadband Bonding Network Appliance. A Frequently Asked Question on. Link Bonding vs. Load Balancing

Hands-on Network Traffic Analysis Cyber Defense Boot Camp

Acronis Backup & Recovery 11.5 Quick Start Guide

Installation Guide. Research Computing Team V1.9 RESTRICTED

The PostBase Connectivity Wizard

LinkProof DNS Quick Start Guide

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

AirStation VPN Setup Guide WZR-RS-G54

Network Address Translation (NAT)

Internet Services. Amcom. Support & Troubleshooting Guide

PolyServe Understudy QuickStart Guide

EZblue BusinessServer The All - In - One Server For Your Home And Business

WatchGuard Mobile User VPN Guide

Test Case 3 Active Directory Integration

athenahealth Interface Connectivity SSH Implementation Guide

Transcription:

The memoq server in a Corporate Network Version 3.5 LSP Guide memoq copyright 2004-2009 Kilgray Translation Technologies. All rights reserved. Contents 1 Overview...2 2 Possible Network Setups...3 3 IP Addresses...5 4 The Client Connect Address Problem...5 5 Resolving the Client Connect Address Problem...7

The memoq server in a Corporate Network LSP Guide 2 1 Overview Language service providers (LSPs) usually work with mixed teams consisting of internal staff and external contractors, or freelancers. When a translation task requires a team with multiple translators and/or reviewers, it is natural to use a translation memory server or a translation project server such as the memoq server. If a team includes both internal staff and freelancers, the same server needs to be accessible both from the LSP s internal network and from the Internet. This might present difficulties for the LSP because the same server might be visible at one specific address for the internal network, and another address from the Internet. This might be a problem for the memoq server because it exposes one and only one client connect address. This address is included in the server project details: when a translator or a reviewer is checking out a server project, the memoq desktop program will look for the published translation memories and termbases using this client connect address. However, if the server physically resides in the company network, client computers need to use a different address depending on whether they are inside the network, or accessing it from the Internet. Since you cannot specify two or more client connect addresses in memoq server, this might cause an issue in the network setup. This document describes the problem in a non-technical manner and outlines the possible solutions. It is important to note that the issue is not directly related to the configuration of memoq server rather, it concerns the overall network setup of the company.

The memoq server in a Corporate Network LSP Guide 3 2 Possible Network Setups An organization has two options when it comes to placing their public servers. Smaller organizations prefer to put up their servers outside the company network, in a hosting center of an ISP (Internet Service Provider). In this setup, the organization itself accesses the server over the Internet, so the server has one address indeed. This means that hosted servers do not expose the problem outlined above, so this setup will not be considered further on. The second option is used by larger organizations that have a proper company network with a suitable broadband Internet connection. Such organizations place (some of) the public servers within the company network, retaining full control over the data and configuration on the server (as opposed to hosted servers). An organization usually protects its network from online attacks using firewalls. A firewall is a dedicated computer with a piece of software that monitors incoming traffic (data), and detects potential threats. It can also be used to control access to one part of the network or another, or to control/restrict the Internet access for internal computers or users. If an organization has no servers in its internal network, the firewall usually blocks all incoming traffic (data). This means that no connection can be initiated from the outside. This is just like a phone that can be used to make calls but cannot be called. If the connection is initiated from the inside for example, a user accesses a web page or downloads her e-mails the firewall will of course let in the reply to the request. Give me that webpage! Give me that webpage! Give me that webpage! External computer Figure 1: A simple small business network with no servers and a fully blocking firewall

The memoq server in a Corporate Network LSP Guide 4 If there is a server in the network, however, the setup becomes more complicated. Similarly to an airlock, the companynetwork will be split into two parts, and will have at least two security doors that is, firewalls. Between the two firewalls there is a so-called de-militarized zone, or DMZ. If a memoq server is hosted within a company network, it is most likely to be put in a DMZ. There will be an inner part containing client computers that cannot be accessed from the outside. This will have the same full protection as the network in Figure 1 an inside door or firewall blocking all incoming requests. The secure middle part contains the servers that make some of their services public. However, these servers will also be protected by a firewall from the outside because the company wants to retain total control and protection of the data stored on them. Just like the outer door of an airlock, the firewall protecting the servers will be opened up very carefully, making sure that nothing is exposed that does not explicitly need to be exposed. This means that it will have somewhat permissive settings so that the services published by the servers are accessible from the Internet. The servers placed in the DMZ are accessed from two networks: from the internal network and from the Internet. Internal network: Internal DMZ: External Internet Client computers firewall Server firewall

The memoq server in a Corporate Network LSP Guide 5 3 IP Addresses The rules that govern how computers talk to each other on a network is called the TCP/IP protocol suite. One of the rules is that each computer must have at least one address consisting of four numbers such as 81.116.212.59 or 192.168.0.49. These addresses are called the IP addresses. Different networks have different address ranges. The Internet is in fact made up from an enormous amount of networks (so it is a network of networks) having different address ranges. There are special address ranges that are considered as private. If a computer has a private address, it cannot be directly accessed from the Internet. Such addresses start with the numbers 192.168, 172.16, or 10. This means that a computer with the address 192.168.0.26 is not accessible from the Internet, whereas one with the address 81.92.178.3 is. Different networks can be connected to each other using a device called the router. The Internet contains an enormous amount of interconnected routers, this is why any two computers on the Internet can actually talk to each other, regardless of the network they are in. Private networks are also hooked up to the Internet using a router that usually also acts as a firewall. The internal network of a company tends to be a private network. Most likely they have an address range like 192.168.1.101 192.168.1.223 or similar. These addresses are not accessible from the Internet. When this network is hooked up to the Internet, it will receive one public IP address that is accessible from the outside. This means that from the Internet, the entire private network will look like a single computer having a public IP address such as 86.176.45.9. The router will take care of distributing the incoming data among the internal computers. If a private network contains a server such as the memoq server, it will be accessible through two IP addresses: one private address, and one public address (that will probably be the single public address the network has). Range of IP addresses: IP address of the server: 192.168.1.101 192.168.1.223 86.176.45.9. (public address) 192.168.2.11 (private address) Funnily enough, the single external address of a private network can never be accessed from within the private network itself. This is to prevent circular traffic or direct feedback, which would mean a blowup of the amount of data transferred over the network, and would cause the network to stop functioning.

The memoq server in a Corporate Network LSP Guide 6 The Client Connect Address Problem The memoq server can have exactly one address where client computers can connect to it (client connect address). If the server that runs the memoq server software has two IP addresses, only one of those can be used to contact the server. In this setup, the following problems may happen: (1) If the client connect address is set to the internal IP address of the server, only the internal users can check out server projects from the server. External users will not be able to check out server projects. (2) If the client connect address is set to the external IP address of the server, only the external users can check out server projects from the server. This will not work for the internal users. If a mobile user brings her laptop into the internal network, she will not be able to access the same server projects that worked fine earlier. In all other respects, the server can be accessed both internally and externally because the client connect address is not used when the users access translation memories or term bases on the server without a server project.

The memoq server in a Corporate Network LSP Guide 7 5 Resolving the Client Connect Address Problem The client connect address problem goes away if you can use one single name or address for the server, and this name is equally valid in both the internal and external networks. We already know that this is not possible by using IP addresses. The problem can be solved by using DNS names instead of IP addresses. A DNS name or fully qualified domain name, FQDN is a friendly name for a computer that can be used in lieu of an IP address. For example, there is a computer with the IP address 195.56.44.105. This IP address is not known to many people because this computer is almost always accessed by the name www.kilgray.com. When you type the www.kilgray.com address into your browser, your computer will contact another server called the DNS (Domain Name System) server. This server is operated by your internet service provider (ISP). Its task is to find the IP address for names like this. In finding the IP address, the ISP s DNS server co-operates with other DNS servers on the Internet. By the clever use of DNS servers, it is possible to assign the same name (like www.kilgray.com ) to multiple IP addresses. This means that the server should be accessible by the name memoqserver.lspname.com both from the internal and the external computers. Let s suppose there is a memoq server in the internal network with an internal IP address of 192.168.2.11, and an external IP address of 81.195.46.7 The memoq server s client connect address is set to memoqserver.lspname.com. This setup works if the internal computers, when accessing memoqserver.lspname.com are directed to 192.168.2.11 (the internal IP address), and the external computers, when accessing the same domain name, are directed to 81.195.46.7. This means that the DNS servers should say different addresses to the internal and the external computers. There are two possible solutions to this: 1. Setting up an internal DNS server. This is the way to go if the internal network uses Active Directory. If you use Active Directory, at least one server in your organization should work as a DNS server anyway. You can create a zone for your lspname.com domain on the internal DNS server, and instruct it to return the internal IP address of the memoq server when queried. All other DNS queries (such as web page requests) should be forwarded to the external DNS server usually run by your ISP. The internal DNS server can do this easily. The internal computers and laptops brought in must be directed to the internal DNS server, but that is easily done through automatic IP configuration (present in almost every network).

The memoq server in a Corporate Network LSP Guide 8 This document does not contain detailed configuration instructions on setting this up since it depends on the type of the DNS server you are using. It also depends on the type of the device that distributes the IP addresses within the network. The latter can be a router/firewall or a separate computer (running mostly Linux or Windows) with DNS server software. Your IT staff must be able to set this up. 2. Using the HOSTS file. This approach is useful if you have no internal DNS server. Your internal computers use the external DNS server run by the internet service provider. However, there is a file in their system directory that needs to be modified. In Windows, the HOSTS file is in the following folder: C:\Windows\System32\drivers\etc It looks like this: Copyright (c) 1993-2006 Microsoft Corp. This is a sample HOSTS file used by Microsoft TCP/IP for Windows. This file contains the mappings of IP addresses to host names. Each entry should be kept on an individual line. The IP address should be placed in the first column followed by the corresponding host name. The IP address and the host name should be separated by at least one space. Additionally, comments (such as these) may be inserted on individual lines or following the machine name denoted by a '' symbol. For example: 102.54.94.97 rhino.acme.com source server 38.25.63.10 x.acme.com x client host 127.0.0.1 localhost ::1 localhost You need to add one line here: <internal_address_of_memoq_server> memoqserver.lspname.com Using the numbers from the previous example: 192.168.2.11 memoqserver.lspname.com This file contains exceptions to general DNS rules. The system supposes that every IP address should be queried from the external DNS server but these. You need to make this change on the internal computers. This way the DNS server will return the external IP address of the memoq server, but the internal computers will not use it. Instead, they will contact the memoq server using the internal address because of this extra line in the HOSTS file. Note that the second approach will not work with laptops unless the HOSTS file is modified each time the laptop is brought in and taken out.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information