Personal Workstation and Server Differentiation

Generally, how is a Personal Workstation different than a Server?

A Personal Workstation should be a very simple configuration. As security is such a large issue in the academic environment, a Personal Workstation is seen as having few services and few users. Usage would mostly come from the console.

A Server is a system which offers a variety of services (e.g. file, print, web, mail, account info, etc.) where sufficient access comes remotely (i.e. from other systems on the network/Internet).

Every service made available via the network can potentially be a target to those wishing to break in. Not every service requires accounts, but some of the more powerful ones do (e.g. telnet, ftp, and their encrypted equivalents). Therefore, user accounts are also a risk.

Every valid user should have an account – group accounts should be avoided (unless access is limited to those who already have accounts – and access can be tracked to the user). Dormant accounts with useful data, should have their accounts closed and the data moved to another owner.

How is this new support model different than before

The previous model was to encourage owners with servers to get higher support (e.g. the support level being HIGH) than those with workstations. Workstations were configured similarly to servers. Unix vendors also have workstation/server differentiations, but for higher education, those lines are usually blurred. Therefore, it made sense to treat workstations as servers for the sake of cost efficiency in regards to purchases (i.e. server licenses would not necessarily have to be purchased).

As the Internet has grown, security has become a much greater issue. And in turn, it makes sense for us to disable unused services. Maintaining lists of valid services per system generates many variable configurations. It has been communicated to us that pricing of our support is a concern and thus providing standards is a way to keep costs down. One of the changes that has emerged due to client feedback is to setup servers and workstations. Workstations are very simple boxes getting patches and upgrades. Servers are more complex and variable getting the same service.

Specifically, how is a Personal Workstation different from a Server?

It depends. If your machine is part of an NIS domain (formerly and commonly known as a YP domain), then we have different criteria.

  • Part of an NIS domain: A Server will tend to have all the common services and maybe a few less common. Examples are NIS (account info), NFS (file services), a Mail hub, Web serving, etc.
    • Home directories for Personal Workstations will be pulled from the server. No exporting of file systems.
    • The machine will function as a Mail client, with the mail hub (server) handling the processing of mail.
  • Stand-alone:If there are no more than 3 users and the configuration is simple, then it can be classified as a Personal Workstation. We selected 3 users as the main criterion to allow flexibility beyond a single user.
    • Home directories for 3 or less users can be local.
    • The machine can function as a Mail hub for 3 or less users.
    • One specialized (i.e. 3rd party apps) application will be allowed, two apps will be considered a server.