Network Access Control; High Availability; Running The Service - Novell ZENWORKS ENDPOINT SECURITY MANAGEMENT 3.5 - ADMINISTRATION Administration Manual

2.2.2 Network Access Control

The Distribution Server can be further protected from unauthorized access by restricting network
access to it. This may take the form of some or all of the following:
Restricting incoming connection attempts to those ports and protocols from which a valid
access attempt might be expected
Restricting outgoing connection attempts to those IP addresses to which a valid access attempt
might be expected
Restricting outgoing connection attempts to those ports and protocols to which a valid access
attempt might be expected
Such measures can be imposed through the use of standard firewall technology.

2.2.3 High Availability

High Availability mechanisms for the Distribution Server should be put in place if an organizational
risk assessment identifies a need for such steps. There are multiple alternative mechanisms for
building high availability solutions, ranging from the general (DNS round-robining, layer 3
switches, etc.) to the vendor specific (the Microsoft* web site has multiple resources on high
availability web services and clustering issues). Those implementing and maintaining a ZENworks
Endpoint Security Management solution should determine which class of high availability solution
is most appropriate for their context. Note that the Distribution Server has been architected to
function in non-high-availability situations, and does not require High Availability to provide its
services.

2.3 Running the Service

The Policy Distribution Service launches immediately following installation, with no reboot of the
server required. The Management Console can adjust upload times for the Distribution Service
using the Configuration feature (see Section 5.3.1, "Infrastructure and Scheduling," on page 44).
Policy Distribution Service 19