Setting Connections between Several Dr.Web Servers
To use several Servers in an anti-virus network, you should set up connections between these Servers.

It is advisable to plan the structure of the anti-virus network first, indicating all data flows and all connections of the "peer to peer" and "parent-child" types. Then, for each Server included in the network, set up connections with its "neighboring" Servers ("neighbors" have at least one data flow between them).

Example of configuring a connection between Parent and Child Dr.Web Servers
1. Make sure that both Dr.Web Servers operate normally.
2. Give each Dr.Web Server a “meaningful” name, as this helps prevent mistakes while connecting and administering Dr.Web Servers. You can change the names through Dr.Web Security Control Center menu: on the tab in the field. In this example we name the parent Server MAIN, and the child Server AUXILIARY.
3. On both Dr.Web Servers, enable the server protocol. To do this, on Dr.Web Security Control Center menu, select . On the tab, set the flag (see p. Modules).
4. Restart both Dr.Web Servers.
5. Via Dr.Web Security Control Center of the child Server (AUXILIARY), add the parent Server (MAIN) to the list of neighbor Servers. To do this, select item in the main menu. A window with the hierarchical list of the anti-virus network will open. To add a Server to the list, click the on the toolbar. A window with connection settings between the current and a new Server will open. Specify the following parameters:
• of creating neighbor is .
• —the name of the parent Server (MAIN).
• *—an arbitrary password to access the parent Server.
• —the list of SSL certificates of the Server being configured. Click and select the drwcsd-certificate.pem certificate file of the current Server. To add one more certificate, click and add the certificate to a new field.
• *—the list of SSL certificates of the parent Server being connected. Click and select the drwcsd-certificate.pem certificate file of the parent Server. To add one more certificate, click and add the certificate to a new field.
• *—the network address of the parent Server and the connection port. Use the following format: <Server_address>:<port>. You can browse the list of Servers available in the network. To do this:
  a) Click the arrow on the right of the field.
  b) In the opened window, specify networks in the following format: as a range with a hyphen (for example, 10.4.0.1-10.4.0.10), as several ranges separated by a comma and a whitespace (for example, 10.4.0.1-10.4.0.10, 10.4.0.35-10.4.0.90), or with a network prefix (for example, 10.4.0.0/24).
  c) Click to browse the network for available Servers.
  d) Select the Server in the list of available Servers. Its address will be set in the Address field to create the connection.
• —you can specify the address of a start web page for Dr.Web Security Control Center of the main Server (see p. Dr.Web Security Control Center).
• In the drop-down lists, specify the type of creating neighbor Servers connection.
• In the and drop-down lists, specify parameters of traffic encryption and compression between connecting Servers (see p. Traffic Encryption and Compression).
• —time period for which licenses are donated from the key on the parent Server. The setting is used if the parent Server donates licenses to the current Server.
• —the setting is not used when creating a parent Server.
• —interval for synchronizing information about donating licenses between Servers.
• Flags in , and sections are set according to the parent-child type of connection and cannot be changed:
  ▫ parent Server sends licenses to child Servers;
  ▫ parent Server sends updates to child Servers;
  ▫ parent Server receives information about events from child Servers.
• Configure administrator notification:
  ▫ Set the flag to send notifications to the administrator about the events received from the configuring child Server. If the flag is cleared, the administrator will receive notifications only about events on their own Server. You can configure the sending of certain notifications in the Notification Configuration section.
  ▫ Set the flag to send notifications to the administrator about the events received from the configuring child Server in case of security threat detection by known hashes of threats. If the flag is cleared, the administrator will receive notifications only about events on their own Server. You can configure the sending of certain notifications in the Notification Configuration section.
• In the section, you can configure the schedule of events transmission from the current Server to the parent one (editing of the table is the same as editing the schedule table in the Update Restrictions for Workstations section).
Click . As a result, the Parent Server (MAIN) will be included in the and folders (see Figure below).
6. Open Dr.Web Security Control Center of the parent Server (MAIN) and add the child Server (AUXILIARY) to the list of neighbor Servers. To do this, select item in the main menu. A window with the hierarchical list of the anti-virus network will open. To add a Server to the list, click the on the toolbar. A window with connection settings between the current and a new Server will open. Specify the following parameters:
• of creating neighbor is .
• —the name of the child Server (AUXILIARY).
• *—type the same password as at step .
• —the list of SSL certificates of the Server being configured. Click and select the drwcsd-certificate.pem certificate file of the current Server. To add one more certificate, click and add the certificate to a new field.
• *—the list of SSL certificates of the child Server being connected. Click and select the drwcsd-certificate.pem certificate file of the child Server. To add one more certificate, click and add the certificate to a new field.
• —you can specify the address of a start web page for Dr.Web Security Control Center of the child Server (see p. Dr.Web Security Control Center).
• In the drop-down lists, specify the type of creating neighbor Servers connection.
• In the and drop-down lists, specify parameters of traffic encryption and compression between connecting Servers (see p. Traffic Encryption and Compression).
• —the setting is not used when creating a child Server.
• —period before the license expiration, starting from which the child Server initiates renewal of the license accepted from the current Server. The setting is used if the child Server accepts licenses from the current Server.
• —interval for synchronizing information about donating licenses between Servers.
• Flags in and sections are set according to the parent-child type of connection and cannot be changed:
  ▫ child Server receives licenses from the main Server;
  ▫ child Server receives updates from the main Server;
  ▫ child Server sends information about events to the main Server.
• The option is disabled and cannot be changed, because the child Server does not receive events from the main Server.
• In the section, you can configure the schedule of updates transmission from the current Server to the child one (editing of the table is the same as editing the schedule table in the Update Restrictions for Workstations section).
Click . As a result, the child Server (AUXILIARY) will be included in the and folders (see Figure below).
7. Wait until the connection between Servers is established (usually it takes not more than a minute). Press F5 from time to time to update the Servers list. After the Servers have been connected, the child Server (AUXILIARY) will move from the folder to the folder (see Figure below).
8. Open Dr.Web Security Control Center of the child Server (AUXILIARY) to make sure that the parent Server (MAIN) is connected to the child Server (AUXILIARY) (see Figure below).
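
The network list and <Server_address>:<port> formats from step 5, as an added example (not Dr.Web code): a Python parser that validates both and checks whether a Server address lies inside the ranges to be browsed. IPv4-only handling, rejection of bare addresses and of prefixes with host bits set, and the port 12345 are assumptions of this example.

```python
import ipaddress

def parse_scan_spec(spec):
    """Parse '10.4.0.1-10.4.0.10, 10.4.0.0/24' into (first, last) address pairs."""
    ranges = []
    for item in (part.strip() for part in spec.split(",")):
        if "/" in item:
            # Network prefix; host bits set (10.4.0.5/24) raise ValueError.
            net = ipaddress.IPv4Network(item)
            ranges.append((net[0], net[-1]))
        elif "-" in item:
            first, last = (ipaddress.IPv4Address(p.strip())
                           for p in item.split("-", 1))
            if first > last:
                raise ValueError(f"range start is above range end: {item!r}")
            ranges.append((first, last))
        else:
            # Assumption: a bare address or empty entry is rejected, because
            # the page only documents ranges and prefixes.
            raise ValueError(f"not a range or a prefix: {item!r}")
    return ranges

def parse_server_address(value):
    """Split '<Server_address>:<port>' into (host, port) and validate the port."""
    host, sep, port = value.rpartition(":")
    if not sep or not host or not port.isdigit():
        raise ValueError(f"expected <Server_address>:<port>, got {value!r}")
    if not 1 <= int(port) <= 65535:
        raise ValueError(f"port out of range: {port}")
    return host, int(port)

def address_in_spec(value, spec):
    """True if the IPv4 host of '<Server_address>:<port>' is inside the spec."""
    host, _ = parse_server_address(value)
    ip = ipaddress.IPv4Address(host)  # assumption: host is given as IPv4
    return any(first <= ip <= last for first, last in parse_scan_spec(spec))

if __name__ == "__main__":
    # Ranges are the page's examples; the address and port are constructed.
    spec = "10.4.0.1-10.4.0.10, 10.4.0.35-10.4.0.90"
    for addr in ("10.4.0.40:12345", "10.4.0.20:12345"):
        print(addr, "in browsed ranges:", address_in_spec(addr, spec))
```
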
A connection between two Dr.Web Servers can fail for the following reasons:
• Network problems.
• Wrong address of the parent Server was set during connection setup.
• Wrong certificates at one of the connecting Servers.
• Wrong access password at one of the connecting Servers (passwords on connecting Servers do not match).

If you need to establish a new interserver connection between Servers of versions 10 and 11, perform the following additional actions:
1. When creating a connection, specify the public key of the Server v.11 on the Server v.10.
2. Generate a certificate from the private key of the Server v.10 using the drwsign utility (the gencert command) from the Server v.11 kit (see the document, p. H9.1. Digital Keys and Certificates Generation Utility). Specify this certificate when creating a connection on the Server v.11.