Arkoon Training – Arkoon Certified Security Administrator

• Objective:
The ACSA training course builds knowledge of, and certifies skills on, the full range of Arkoon solutions. At the end of the session, network administrators will be able to implement and operate the various features and optimize the performance of their Arkoon solution.

• Content:
The FAST360 security suite
– Arkoon product features
– The Arkoon appliance range
Getting started with the appliance and initial configuration
Arkoon Manager and Arkoon Monitoring administration tools
Flow rules and connection management
– Explicit and implicit flow rules
– Connection tracking
– ICMP policy management
FAST360 translation mechanisms
– Static NAT
– Source masquerading
– Destination translation (PAT)
Internet access management
– Backup access, load balancing
HTTP relay
– How the relay works
– URL filtering (internal / external)
– Authentication against an external server
– NTLM configuration
FTP relay
SMTP and POP3 relays
– How the relay works
– Anti-relaying rules
– Content filtering
– Anti-spam
VPN
– LAN-to-LAN VPN
– VPN for roaming users with certificates
– Security BOX SmartConnect VPN client
DHCP server and relay
Multi-appliance fleet
Log management
SNMP monitoring
Installation and maintenance
– Preparing a replacement appliance
– Maintenance and updates
– Problem analysis

• Trainee profile:
Security and network engineers who will administer or install Arkoon FAST360 UTM products.

• Prerequisites:
Knowledge of TCP/IP, hands-on networking experience (installing servers, routers…) and a solid grasp of address translation (NAT, PAT, masquerading…).

• Class size:
3 trainees min. and 12 max.

• Duration: 4 days

• Location: Montreuil

• Exam:
The ACSA (Arkoon Certified Security Administrator) certification takes the form of a one-hour multiple-choice exam held at the end of the course.

• Course price:
1 990 € excl. tax (training and exam included)

Register by email at commercial (@) naxios.fr

VBS script to create a resource on a cluster

To run a script in a Windows MSCS cluster, the script must follow a minimum prototype so that the cluster service can call it and check that it is active and alive.

Here are the minimum functions:

Open()
Online()
Offline( )
Close()
Terminate( )
LooksAlive( )
IsAlive( )

What follows is copied and pasted from various sources, which I have put here to group them together and find them easily.

 

A control script consists of a set of entry point functions (for example, IsAlive) for the Generic Script resource DLL. The Resource Monitor calls these scripted entry point functions during cluster operation. Except for the Open function, the scripted entry point functions serve the same purpose as the same-named resource DLL entry point functions implemented using the Failover Cluster API. For more information, see Implementing Resource DLLs.

A control script must implement the LooksAlive and IsAlive functions and can also implement the functions Open, Online, Offline, Close, and Terminate.

Note  You should not store control script files on cluster disks. Although these drives may seem to be the ideal location because all nodes in the cluster can access them, storing control script files there causes problems when you upgrade either the Cluster service or the application software, especially if the cluster is in a production environment. Such upgrades require the cluster to be shut down completely. If you choose instead to install control script files on all nodes in the cluster, you can use a rolling upgrade approach—upgrading each node individually—without affecting the operation of the cluster.

Script Execution

A Resource Monitor call to either of the time-critical entry point functions LooksAlive or IsAlive executes directly, without calling other entry point functions and without loading or unloading the script. A Resource Monitor call to any other entry point function (for example, Online) generates associated Resource Monitor entry point function calls (for example, to Open) and may cause the script to load or unload. For more information on the Resource Monitor actions for each entry point function call, see the following table.

In a control script, code within the script body, outside any of the entry point functions, is executed when the script is loaded. Code within an entry point function is executed whenever that function is called. For example, code within the Open function is executed not only when the script is opened, but also when Open is called prior to Online or Close.

 

The Resource object is an object automatically created by the Generic Script resource DLL for each instance of a scripted resource. Your script can use the methods and properties of the Resource object to identify the resource, log information about the resource, and manipulate private properties.

Function name
Resource monitor actions

Open
Perform when the script is opened. Resource Monitor will:

  • load the script
  • call Open
  • call Close
  • unload the script

Online
Perform when the resource is placed online. Resource Monitor will:

LooksAlive
Perform one or more very fast, cursory checks of the specified instance with the emphasis on detecting potential problems rather than verifying operational status. IsAlive will determine whether the instance is really operational. Take no more than 300 milliseconds to return a value. Resource Monitor calls LooksAlive repeatedly at a specified time interval (for example, once every five seconds).

IsAlive
Perform a complete check of the resource to see if it is functioning properly. The set of procedures you need to use depends on your resource. For example, a database resource should check to see that the database can write to the disk and perform queries and updates to the disk. If the resource has definitely failed, return FALSE. The Resource Monitor immediately sets the status of the resource to "ClusterResourceFailed" and calls the Terminate entry point function. Resource Monitor calls IsAlive repeatedly at a specified time interval (for example, once every sixty seconds).

Offline
Perform when the resource is placed offline. Resource Monitor will:

Close
Perform when the script is closed. Resource Monitor will:

  • load the script
  • call Open
  • call Close
  • unload the script

Terminate
Perform when terminating the script. Resource Monitor will:

  • load the script (if not already loaded)
  • call Open
  • call Terminate
  • call Close
  • unload the script

Parameters and Return Values

Parameters are not passed in a call to an entry point function in a script.

An entry point function can optionally set a return value. A return value of zero (or "true") indicates success and does not appear in the cluster log. The functions LooksAlive and IsAlive should return the Boolean "true" rather than a numeric zero. Success is assumed if the return value is not set explicitly in the function.

A non-zero return value (or false) indicates failure and appears in the cluster log.

Accessing Resources

The Generic Script resource DLL creates a Resource object for each scripted resource instance. The Resource object enables a control script to log information, manipulate properties, and access the resource name. For more information, see Resource Object.

Note  To avoid deadlocks, do not use the Cluster Automation Server, the Failover Cluster WMI Provider, or otherwise make any calls to the Cluster API from your control script. All interaction with the cluster should be done through the Resource object.

Instance Management

For each instance of a scripted resource, the Generic Script resource DLL runs an instance of a control script in a separate thread. Thus there is no need to implement instance management in a control script; as far as a control script is concerned, there is one and only one resource instance.

Control Script Layout

The following example illustrates the layout of a control script in VBScript that implements all the supported entry point functions. For executable script resource examples, see Scripted Resource Example.

'   ... Insert your script-level global variables and definitions here
'   ... e.g. Resource.LogInformation("ScriptWide Global Stuff is Run")
'   ... Code placed here is outside any entry point function.
'   ... It is run once when the script is created
'   ... and once when the script is placed online.

Function Open( )
'   ... Insert your Open code here.
End Function

Function Online( )
'   ... Insert your Online code here.
'   ... Online is executed once when the resource is placed online.
End Function

Function LooksAlive( )
'   ... Insert your LooksAlive code here.
'   ... LooksAlive is executed at specified intervals.
End Function

Function IsAlive( )
'   ... Insert your IsAlive code here.
'   ... IsAlive is executed at specified intervals
'   ... or when a LooksAlive call fails.
End Function

Function Offline( )
'   ... Insert your Offline code here.
'   ... Offline is executed once when the resource is placed offline.
End Function

Function Close( )
'   ... Insert your Close code here.
End Function

Function Terminate( )
'   ... Insert your Terminate code here.
'   ... Terminate is executed once when the script terminates.
End Function

Here is a ready-made example script, to be added as a resource

Function Offline( )
    Resource.LogInformation "Entering Script Offline"
    Offline = 0
End Function

Function Close()
    Close = 0
End Function

Function Terminate( )
    Terminate = 0
End Function

Function LooksAlive( )
    Resource.LogInformation "Entering Script LooksAlive"
    LooksAlive = true
End Function

Function IsAlive( )
    Resource.LogInformation "Entering Script IsAlive"
    IsAlive = true
End Function

Function Open( )
    Open = 0
End Function

Function Online( )
    Resource.LogInformation "Entering Script Online"
    On Error Resume Next

    strComputer = "."
    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    Set nodeInfo = objWMIService.ExecQuery("Select Name from Win32_ComputerSystem")

    For Each objNode in nodeInfo

        If objNode.Name = "MACHINENOEUD1" Then
            Resource.LogInformation "Custom Script will run here. "

            ' PLACE CUSTOM SCRIPT HERE

        Else
            Resource.LogInformation "Custom Script will not run here. "
        End If

    Next

    Online = 0
End Function

Example number 2, slightly more complex

'Script-Level Global Variables
Resource.LogInformation("Script-wide code begins execution")
Dim WshShell, oExec, oLooksAlive, oIsAlive, oWait
Set WshShell = CreateObject("WScript.Shell")
Dim fso
Set fso = CreateObject("Scripting.FileSystemObject")

Function Online( )
    '   ... Create a network share...
    Resource.LogInformation "Entering Online"
    '   ... Prompt console operator for a sharename if none provided...
    If Resource.Sharename = "" Then
        Resource.LogInformation "You need to set the sharename private property before attempting to go online"
        '   ... Non-zero return code will appear in console log...
        Online = 1
        Exit Function
    End If
    '   ... Prompt console operator for a sharepath if none provided...
    If Resource.SharePath = "" Then
        Resource.LogInformation "You need to set the SharePath private property before attempting to go online"
        Online = 1
        Exit Function
    End If

    Set oExec = WshShell.Exec("net share """ & Resource.ShareName & """=""" & Resource.SharePath & """")
    '   ... Allow time for operation to complete...
    Do While oExec.Status = 0
        Set oWait = WshShell.Exec("sleep 1")
    Loop
    If oExec.ExitCode <> 0 Then
        Resource.LogInformation "net share """ & Resource.ShareName & """=""" & Resource.SharePath & """ command failed"
        Resource.LogInformation oExec.StdErr.ReadAll
    End If
    Online = oExec.ExitCode
End Function

Function Offline( )
    Resource.LogInformation "Entering Offline"
    Set oExec = WshShell.Exec("net share """ & Resource.ShareName & """ /delete")
    Do While oExec.Status = 0
        Set oWait = WshShell.Exec("sleep 1")
    Loop
    If oExec.ExitCode <> 0 Then
        Resource.LogInformation "Failed to disconnect the resource to an offline status gracefully"
        Resource.LogInformation oExec.StdErr.ReadAll
    End If
    Offline = oExec.ExitCode
End Function

Function LooksAlive( )
    Resource.LogInformation "Entering LooksAlive"
    Set oLooksAlive = WshShell.Exec("net share """ & Resource.ShareName & """")
    Do While oLooksAlive.Status = 0
        Set oWait = WshShell.Exec("sleep 1")
    Loop
    If oLooksAlive.ExitCode <> 0 Then
        Resource.LogInformation "net share """ & Resource.ShareName & """ command is failing with"
        Resource.LogInformation oLooksAlive.StdErr.ReadAll
    End If
    LooksAlive = oLooksAlive.ExitCode
End Function

Function IsAlive( )
    Resource.LogInformation "Entering IsAlive"
    Set oIsAlive = WshShell.Exec("net share """ & Resource.ShareName & """")
    Do While oIsAlive.Status = 0
        Set oWait = WshShell.Exec("sleep 1")
    Loop
    If oIsAlive.ExitCode <> 0 Then
        Resource.LogInformation "net share """ & Resource.ShareName & """ command is failing with"
        Resource.LogInformation oIsAlive.StdErr.ReadAll
    End If
    If (fso.FolderExists(Resource.SharePath) = False) Then
        Resource.LogInformation "folder " & Resource.SharePath & " no longer exists"
        IsAlive = 1
        Exit Function
    End If
    IsAlive = oIsAlive.ExitCode
End Function

Function Open( )
    If Resource.PropertyExists("ShareName") = False Then
        Resource.AddProperty("ShareName")
    End If
    If Resource.PropertyExists("SharePath") = False Then
        Resource.AddProperty("SharePath")
    End If
    Open = 0
End Function

Function Close( )
    Close = 0
End Function

Function Terminate( )
    Resource.LogInformation "Entering Terminate"
    Set oExec = WshShell.Exec("net share """ & Resource.ShareName & """ /delete")
    Do While oExec.Status = 0
        Set oWait = WshShell.Exec("sleep 1")
    Loop
    If oExec.ExitCode <> 0 Then
        Resource.LogInformation oExec.StdErr.ReadAll
    End If
    Terminate = oExec.ExitCode

End Function
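
A hardened variant of example 2, added here as an illustration (it is not part of the original sources): ShareName and SharePath are checked against an allow-list before being concatenated into the net share command line, so a property value containing quotes or command separators is rejected instead of altering the command. The helper names IsSafeShareName and IsSafeSharePath and the allowed character sets are assumptions, and the health checks only test the folder in-process to stay within the LooksAlive time budget.

```vbscript
' Added example, not from the original sources. IsSafeShareName and IsSafeSharePath
' are hypothetical helpers; the allowed characters are an assumed local policy.
Dim WshShell, fso
Set WshShell = CreateObject("WScript.Shell")
Set fso = CreateObject("Scripting.FileSystemObject")

Function IsSafeShareName(value)
    Dim re
    Set re = New RegExp
    ' 1 to 80 letters, digits, "_", "-" or "$": no quotes, spaces or separators
    re.Pattern = "^[A-Za-z0-9_$-]{1,80}$"
    IsSafeShareName = re.Test("" & value)
End Function

Function IsSafeSharePath(value)
    Dim re
    Set re = New RegExp
    ' Drive letter plus one or more folder names; no trailing backslash, which
    ' the usual Windows argument parsing treats as escaping the closing quote
    re.Pattern = "^[A-Za-z]:(\\[^""&|<>^%\\/:*?\r\n]+)+$"
    IsSafeSharePath = False
    If re.Test("" & value) Then IsSafeSharePath = fso.FolderExists(value)
End Function

Function Open( )
    If Not Resource.PropertyExists("ShareName") Then Resource.AddProperty "ShareName"
    If Not Resource.PropertyExists("SharePath") Then Resource.AddProperty "SharePath"
End Function

Function Online( )
    Dim rc
    If Not IsSafeShareName(Resource.ShareName) Or Not IsSafeSharePath(Resource.SharePath) Then
        Resource.LogInformation "ShareName or SharePath rejected, share not created"
        Online = 1
        Exit Function
    End If
    ' Run waits for the command to finish (third argument True) and returns its exit code
    rc = WshShell.Run("net share """ & Resource.ShareName & """=""" & Resource.SharePath & """", 0, True)
    If rc <> 0 Then Resource.LogInformation "net share failed with exit code " & rc
    Online = rc
End Function

Function LooksAlive( )
    LooksAlive = fso.FolderExists(Resource.SharePath)   ' cheap, no child process
End Function

Function IsAlive( )
    IsAlive = fso.FolderExists(Resource.SharePath)
End Function
```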

Example 3: displaying the time zone

Function Online( )
    '
    '   Application VBScript uses WMI to reveal the node's local time zone description
    '
    On Error Resume Next
    '
    '   For the local computer only...
    '
    strComputer = "."
    '
    '   ... query the property...
    '
    Set objWMIService = GetObject("winmgmts:\\" & strComputer & "\root\cimv2")
    Set colItems = objWMIService.ExecQuery("Select * from Win32_TimeZone",,48)
    '
    '   ... and output the local time zone to the log
    '
    For Each objItem in colItems
        Resource.LogInformation "Local Time Zone is: " & objItem.Description
    Next
    '   ... Return success
    Online = true
End Function

Function LooksAlive( )
    LooksAlive = true
End Function

Function IsAlive( )
    IsAlive = true
End Function