Chapter 3: Terminal Server and Supporting Computing Models
Chapter Overview:
This chapter will review how Server Based Computing complements and improves the performance and security of a wide variety of computing models including client-server, N-tier, Traditional Networking, and Mainframe computing. Performance and security are improved with each computing model by using the same principle, moving the client software from PCs to centrally managed Terminal Servers.
Client-server & N-tier Models
Client-server and N-tier computing models distribute application processing, data, and network traffic between PCs and servers. The Client-server Computing Model has been in use since the late 1980s and has been widely adopted in the public and private sectors. It distributes the processing of applications among different servers in the network. In this model, there is a client workstation, usually a PC, and front- and back-end servers (in most cases, the back-end server hosts a database). The client makes a request to the front-end server, and the front-end server acts as an intermediary between the client and the back-end server. The front-end server passes the query to the back-end server, and then the back-end server retrieves the requested information, formats it, and sends it back to the client. Note that the distinction between client-server and N-tier is that client-server refers to older multiple tier applications like email and N-tier refers to multiple tier web applications.
In a client-server environment, client-server software is installed and maintained on the PC, and local computing resources such as processor, memory, and disk are used to run the client-server software. The application and data processing is done on the PC; back-end processing is done on the respective back-end server. PCs communicate directly with the respective back-end server. Application data can be stored locally on a PC as well as on servers. All traffic between PCs and servers travels over the network. The client-server model is most prevalent in today’s business environments.
Figure 3.1 shows PCs in a typical client-server environment with client-server software communicating over the network to their respective back-end server.
Figure 3.1

To better explain the difference between client-server and Server Based Computing, let’s review the client-server communication between an email client and email server. Email is a common client-server solution that has a centralized mail server within a distributed client environment. The email client software is distributed, installed, and configured on each PC. Each PC then communicates directly with a mail server using one or more services, protocols, and ports, depending on business requirements.
Table 3.1 shows the service, protocol, and port used for email client to server communication.
Table 3.1
| Service | Transport Protocol | Port |
|---------|--------------------|------|
| POP3    | TCP                | 110  |
| IMAP    | TCP                | 143  |
| SMTP    | TCP                | 25   |
| HTTP    | TCP                | 80   |
| HTTPS   | TCP                | 443  |
Email client to server communication can rely on one or more of these services and protocols. Email bandwidth utilization with any of the listed services is considered moderate to heavy depending on a variety of factors, such as email content, attachment size, and client to server synchronization schedules.
Figure 3.2 shows email client to mail server traffic.
Figure 3.2

Figure 3.2 shows four PCs with locally installed email clients, with each client communicating directly to an email server. The router is filtering traffic, allowing POP3 traffic to flow from each PC to the Email Server.
Server Based Computing with Terminal Server complements and improves client-server computing by moving the client software from the PCs to centrally managed Terminal Servers. Server Based Computing centralizes the administration and management of client-server applications along with the centralization and management of network traffic.
Because desktop applications are centrally managed in the data center on Terminal Servers, update and patch management is greatly simplified in contrast to a client-server model where applications are managed on each PC. Terminal Server eliminates the risk of updating PCs that may be off-line, PCs with faulty software distribution clients, or users who simply refuse to run updates. Additionally, because all applications are executing on the Terminal Servers, no information is cached locally on the PCs, thereby reducing the risk of proprietary information residing in a non-secured PC. The applications deployed in a Terminal Server environment minimize the need for open ports between the user and data center networks, thereby eliminating multiple entry points for attackers and malware into the network. Terminal Server uses one port for client-server communication. Traditional client-server applications require a variety of ports as shown above in Figure 3.1. Maintaining a small list of ports for all client-server access greatly simplifies the management and security of the data center network.
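The port reduction described above can be checked against a firewall rule set. The following is an added example, not part of the original chapter: it compares the endpoints reachable from the user network under each model and flags any rule that is not RDP to a Terminal Server. The addresses, the rule lists, and RDP's default TCP port 3389 are assumptions; the chapter names RDP but gives no port number or addressing.

```python
from ipaddress import ip_address, ip_network

# Assumed addressing (constructed for this example, not from the chapter).
USER_NET = ip_network("10.10.0.0/16")
TERMINAL_SERVERS = {ip_address("10.20.0.10"), ip_address("10.20.0.11")}
RDP = ("tcp", 3389)  # RDP's default port; an assumption, the chapter gives no number

# Constructed allow rules: (source, destination host, protocol, port).
# Client-server model: every PC reaches the mail server on the Table 3.1 ports.
CLIENT_SERVER_RULES = [
    ("10.10.0.0/16", "10.20.1.5", "tcp", 110),  # POP3
    ("10.10.0.0/16", "10.20.1.5", "tcp", 143),  # IMAP
    ("10.10.0.0/16", "10.20.1.5", "tcp", 25),   # SMTP
    ("10.10.0.0/16", "10.20.1.5", "tcp", 80),   # HTTP
    ("10.10.0.0/16", "10.20.1.5", "tcp", 443),  # HTTPS
]
# Server Based Computing: PCs reach only the Terminal Servers over RDP,
# plus one stale rule of the kind a migration can leave behind.
SBC_RULES = [
    ("10.10.0.0/16", "10.20.0.10", "tcp", 3389),
    ("10.10.0.0/16", "10.20.0.11", "tcp", 3389),
    ("10.10.4.0/24", "10.20.1.5", "tcp", 110),  # leftover POP3 rule
]

def from_user_network(rule):
    """True when the rule's source range overlaps the user network."""
    return ip_network(rule[0]).overlaps(USER_NET)

def exposed_endpoints(rules):
    """Distinct (host, protocol, port) endpoints reachable from the user network."""
    return {(r[1], r[2], r[3]) for r in rules if from_user_network(r)}

def policy_violations(rules):
    """Rules from the user network that are not RDP to a Terminal Server."""
    return [r for r in rules if from_user_network(r)
            and not (ip_address(r[1]) in TERMINAL_SERVERS and (r[2], r[3]) == RDP)]

if __name__ == "__main__":
    for name, rules in (("client-server", CLIENT_SERVER_RULES), ("SBC", SBC_RULES)):
        ports = sorted({port for _, _, port in exposed_endpoints(rules)})
        print(f"{name}: ports reachable from user network = {ports}")
    for rule in policy_violations(SBC_RULES):
        print("violates RDP-only policy:", rule)
```

Running the same check on an exported rule list after a migration shows whether the user network really has been reduced to the single RDP path or whether older client-server rules are still in place.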
In contrast to client-server traffic, which is considered moderate to heavy, RDP traffic is minimal, as only keyboard, mouse, screen updates, and occasional print traffic travel over the network. Server Based Computing actually centralizes network traffic, as the bulk of traffic flows between back-end systems, such as between Terminal Servers and email, web, database, and file servers on the same or adjacent network. Server Based Computing and centralization of computing resources ensure that as little data as possible traverses the network, promoting efficiencies in bandwidth management and bandwidth utilization and providing a positive and consistent user experience.
Figure 3.3 shows a Terminal Server environment hosting an email client. The actual client-server traffic that travels over the network is RDP, not POP3.
Figure 3.3

The above examples highlight the differences between the client-server model and Server Based Computing. They also show how Server Based Computing with Terminal Server complements and improves the performance and security of client-server applications by moving them from PCs to the data center where they can be centrally managed on a Terminal Server.
The traditional networking model leverages a centralized file server that is accessed directly by PCs. At the heart of the traditional network model is the network server that authenticates users and stores data or functions as a centrally located print server for the entire network. File and print services are available to client workstations (generally PCs) located on the local area network (LAN) or wide area network (WAN). Users would authenticate to a file and print server, and the associated home directory and printer information would be established. Note that the traditional network model predates the concept of user domains. With the traditional network model, the processing is distributed between the PC and the server, and PCs communicate directly with the file and print servers.
Figure 3.4 shows the traditional networking model.
Figure 3.4

Client workstations can either download data files from a network server or open a data file on the file server. When the client accesses a file located on the server, the server’s file system locks the file and makes it read only. This mechanism protects the data from being changed by more than one client at a time while it is being accessed. The client workstations run applications locally using local memory, processing, and hard drives. Clients essentially use the network server as a remote hard drive or network printer. A centralized print server allows a systems administrator to back up mission-critical data in one location rather than at each client workstation.
The traditional network model is common in small and mid-sized business environments because of its relative simplicity and minimal maintenance requirements. However, when the user population exceeds 100, performance decreases. The performance decreases are a result of the file server maintaining client connections via a “keep-alive” message service, even when no work is being performed. This model is very bandwidth intensive because of the traffic between the PC and server.
Traditional Networking Model with Terminal Server
The traditional networking model is enhanced by integrating domain authentication, authorization, file and print services in the form of home directories, mapped network drives and network printing within a Terminal Server environment. Terminal Servers are placed next to the file server, reducing file access time and bandwidth utilization.
Terminal Server users can use what is referred to as a Terminal Server user profile. Terminal Server user profiles are configured globally within Active Directory and are an attribute of a Windows user account. A Terminal Server user profile contains user defaults such as home directory settings and logon scripts. After a user authenticates, the Terminal Server user profile establishes the user’s environment by mapping his or her home directory, network shares, and network or locally attached printers, making them available from within the Terminal Server session.
The traditional networking model, along with client-server, N-tier, and Mainframes, is a great fit for a Server Based Computing environment.
The next list highlights the pros and cons of Server Based Computing.
The pros of Server Based Computing are:
- Provides users a single entry point into the corporate network for all material systems.
- Provides visibility of all applications provisioned to a particular user.
- Offers centralized security configuration and monitoring.
- Offers centralized administration of applications and data.
- Allows software to be upgraded and patched from a central location.
- Leverages other computing models, such as client-server, N-tier, and traditional networking models.
- Offloads processing from desktop PCs to the Terminal Servers, allowing PCs to be replaced with Thin Clients.
- Is very scalable for accommodating large user populations.
- Employs off-the-shelf PC applications with little or no modification.
- Allows non-Windows machines to use Windows applications.
- Provides LAN-speed performance over low bandwidth connections.
The cons of Server Based Computing with Terminal Server are:
- Requires additional server hardware.
- May require additional 3rd party load-balancing hardware to load balance Terminal Server farms.
- May increase server administration requirements as servers are added.
Chapter 3 Summary
This chapter discussed how Server Based Computing complements and improves the performance and security posture of N-tier, Traditional Networking, and Mainframe computing and concluded with the pros and cons of Server Based Computing.
Client-server & N-tier Models
- Client-server and N-tier computing models distribute application processing, data and network traffic between PCs and servers.
- The difference between client-server and N-tier is that client-server refers to legacy two tier applications, such as email, and N-tier refers to multiple tier web applications.
- The Client-server Computing Model has been in use since the late 1980s and is widely adopted in the public and private sectors.
- In a client-server environment, client-server software is installed and maintained on the PC and local computing resources are used to run the client-server software.
- Terminal Server complements and improves client-server computing by moving the client software, security controls, and network traffic from PCs to a centrally managed Terminal Server environment.
Traditional Networking Model
- The traditional networking model leverages a centralized file server that is accessed directly by PCs.
- At the heart of the traditional network model is the network server that authenticates users and stores data files or functions as a centrally located print server for the entire network.
- The traditional network model is suitable for small and mid-size businesses where the user population starts at 11 and scales up to 100 networked users.
- The traditional networking model is improved by integrating domain authentication, authorization, file and print services in the form of home directories, mapped network drives, and network printing within a Terminal Server environment.