When to Run a GUI Access Server


GUI access servers are most useful when a computer's primary function is to provide workstation-like functions to multiple or remote users. For instance, a company with a dozen employees might purchase one high- powered central system and a dozen much less powerful computers that function as GUI terminals for the central computer. This central system could host applications like StarOffice, The GIMP, KMail, and so on. Individuals would sit at the less-powerful systems, log into the central system, and run their applications remotely. Compared to an environment in which individuals sit at workstations that run their programs, this configuration offers several advantages, including:

  • Central software administration ” To add, delete, or upgrade an application, you need only modify the configuration on a single computer. (For many applications, an alternative is to use NFS to store applications on a file server, but run those programs on individual users' workstations.)

  • Simpler workstation configuration ” The workstations or other dedicated systems at which users sit can be very simple, both in terms of hardware and software. These systems will therefore require little in the way of routine maintenance and software updates. In some cases, you can handle these in a centralized manner, as well, if you use some variety of network boot protocol for the workstations. In fact, you can use a device known as an X terminal, which is a very simple computer that supports X and has little computing power of its own.

  • Central hardware upgrades ” If new or updated applications need hardware upgrades, a central server strategy allows you to perform upgrades on a single system, which can be simpler than upgrading a dozen or more computers. On the other hand, this also makes your workplace quite vulnerable to failure of the central system's hardware. This system must also have much more capable hardware than would any single workstation.

  • Central storage ” It's usually easier to back up a single system than an entire network of computers, so this approach can simplify data backups. Depending upon the client systems you use, they may require no backups, or they could use simple backups of a default configuration that would probably fit on a single CD-R.

  • Central user accounts ” Using a single system permits centralized maintenance of user accounts. Users may need accounts on only one computer, which can greatly simplify network configuration. (Depending upon the access terminals' types and configuration, though, users may need accounts on them, as well.) Users can sit at any computer, log in, and be greeted by their own desktops and user preferences. This feature also means that you can easily replace any individual's computer, since it contains little or nothing in the way of customizations. Another way to attain this goal is to use a centralized login server protocol such as Kerberos (described in Chapter 6, Authenticating Users via Kerberos).

Of course, a network configured in this way has its drawbacks, as well. Most importantly, the reliance upon a single computer means that if that system goes down, all the other computers become effectively useless. If you decide to configure a network in this way, you should be particularly diligent about backing up the central system, and have spare parts on hand in case of a failure. You might even want to configure a computer as a backup, ready to take over the primary system's duties on a moment's notice.

Even if you aren't configuring a large network for which you want to use a central system to handle all normal user logins, you might want to use a GUI login tool to allow smaller-scale or peer-to-peer logins. All your users might have their own workstations, for instance, but if they occasionally need to do work from remote locations, those workstations can be configured to accept remote accesses , allowing a user to work from another user's workstation, from home, or from some other location.

Remote GUI access tools are most often used on a local network. Because GUI displays transfer a great deal of data, the use of these protocols across the Internet at large often results in a sluggish display. Indeed, even on a local network with 100 Mbps hardware, GUI protocols are noticeably slower than local GUI displays, although the speed on a local network is usually acceptable. As with text-based remote access tools, GUI tools provide users with full login privileges, and a password must be exchanged, so there are security risks to running such protocols. (The VNC tools encrypt passwords but not regular data, reducing risks slightly. Using SSH for the initial login allows you to encrypt the password and all session data.)



Advanced Linux Networking
Advanced Linux Networking
ISBN: 0201774232
EAN: 2147483647
Year: 2002
Pages: 203

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net