EntergyNET Standards for Internal (Intranet) Webservers

Contents

Minimum Hardware

All EntergyNET Webservers should have a minimum of 64 MB of RAM, and sufficient disk space for the storage of the operating system and Webserver software. A minimum of 512 MB of free disk space for the storage of HTML documents (or pages) and other data should also be available. The Webserver must be network connected, and have a DNS name assigned to it in addition to an I.P. address. A minimum of a 50 Mhz 486 processor is required, but a Pentium 75 or faster is strongly recommended.

Minimum Software

In addition to the operating system and a TCP/IP protocol stack, you must install the webserver software itself. Currently, most webservers in Entergy are using Netscape's Communications Server Version 1.0; however, we are presently upgrading to Netscape's Enterprise Server. It should run as a service (NT) or deamon (UNIX), and not require a manual restart everytime the box itself is rebooted.

UNIX Webmasters also need to install NFS on their webserver, and I:drive on the Pagemaster's desktop to allow pagemasters to attach to the UNIX Webserver using Windows File Manager, just as they would a Novell or NT file server. Windows NT Webmasters that serve pagemasters running Gold 5.x need to install Microsoft's File and Print Services to allow pagemasters to connect to the NT Webserver using Novell Netware client software.

A collection of common graphics for use by all pagemasters should also be installed, as discussed below under "Directory Structure." The Webserver should be configured to use a CGI-BIN directory, and a collection of CGI programs installed in the CGI-BIN directory. To download the latest collection of CGI programs, please refer to the Webmaster section of the Web Developers Library.

Directory Structure

The following illustration shows the recommended arrangement for document directories on an EntergyNET Webserver:

Directory StructureA directory named "HTDocs" is created on the root drive of the Webserver. A subdirectory directly under "HTDocs" is created named "graphics;" under which four more subdirectories are created named "icons," "logos," "pics," and "backimag." These are the common graphics directories; the latest contents of which can be found under the Webmaster section of the Web Developers Library.

In addition, a directory named CGI-BIN should also be created at the default location specified by the Netscape Server software during the setup process.

In addition to the graphics subdirectory, a subdirectory should be created for each Pagemaster under the HTDocs subdirectory. If the Webmaster has a large collection of information (such as the Nuclear information center or the Fossil Information Section) this information should also be stored in a separate subdirectory, and not in the HTDocs directory. This helps to keep the HTDocs directory uncluttered, and speed up access to the Webserver.

Access Methods

Access to EntergyNET Webservers in the past has been by one of two means: direct login and attachment, using Windows' File Manager; and through FTP using FTP client software. However, FTP is very cumbersome for most users, and software is readily available now for all Webservers that will allow the direct login and attachment method using Windows' File Manager. Therefore it is recommended that the direct login and attachment method be used only, and that FTP server be turned off at least on Windows NT Servers, since it can be the source of a potential security breech.

Security

Directory security on all EntergyNET Webservers should protect documents and data from access to the Webserver drive using either FTP or File Manager. Once this level of security is in place, a situation may arise where the Webmaster may decide to restrict access to the page contents stored in a particular area of the Webserver.

Directory Security on the Web Server

The standard directory permissions (set using UNIX or Windows NT security) will be developed by the Webmasters at the same time as the directory structures.

Security of Page Contents

The following guidelines should be followed for securing access to a particular collection of pages on an EntergyNET Webserver.

Restricted or Confidential Information Not Allowed

The Pagemaster is responsible to the owner of the data (i.e., page contents) for ensuring that no restricted or confidential information is published. The Pagemasters should make sure that the only information directly or indirectly accessible from their page is information that is suitable for viewing by all Entergy employees.

Suitability of Information For General Publication

There may be some information that, while it is not restricted or confidential, is not intended for use outside of a particular site or workgroup. The following methods of restricting access are available on a limited basis, subject to review by the Webmaster:

1. Protection of page data or links using Netscape security facilities. The Netscape IDs and passwords used must follow the naming, content, length, and change frequency standards as those for Windows NT (to be available by 9/30/96). The Webmaster is responsible for the administration of this security and for enforcing these standards. Use of this method is discouraged because of the additional administrative overhead it creates.

2. Protection of linked data residing on LAN file servers using Windows NT security facilities. This method is approved for limited use only under Windows NT using UNC (Universal Naming Convention); do not use this method on a Novell file server. The Pagemaster is responsible for the administration of this security.

Please note that the use of a Microsoft password on a document or spreadsheet, while not specifically disallowed, is not considered, by itself, to be an acceptable method of restricting access. Such security is trivial and easily circumvented.

We wish to reiterate that, pending the implementation of a truly secure network environment, no restricted or confidential information is to be published on the EntergyNET. The above methods are approved for limited use when access to non-confidential and non-restricted information is to be limited to a particular site or functional group.

Please refer to the Company Records: Accuracy, Accounting Practices, and Confidentiality section of the Entergy Corporation Code of Conduct for guidance on the appropriate treatment of confidential and proprietary information. Also, refer to the Document Management and Internet Technology at Entergy policies for additional requirements concerning privileged communications, sensitive documents, and confidential and proprietary information.

Administration

The Webmaster is the one responsible for the administration of the Webserver. This administration includes setting up the Webserver, assigning logon rights for the pagemasters, assisting them with the uploading of their information, monitoring the Webserver activity, and general maintenance of the Webserver. Some Webservers have two or more Webmasters, where one Webmaster assists pagemasters with logon rights and the uploading of information; while the other Webmaster actually runs the machine itself, and maintains the Webserver software and operating system.

All pagemasters are required to fill out the Pagemaster request form, and send to their Webmaster. It is up to the Webmaster to make sure that a completed Pagemaster request form has been received from all pagemasters. Webmasters may also be called upon to answer questions concerning the appropriateness of contents, and to resolve other issues such as websites that are not being kept current.

Backup Policy

All EntergyNET Webservers should be backed up on a regular basis. They should be included with the file servers and database servers located on site as part of a regular backup policy.

The direct logon and attachment method allows for pagemasters to maintain their content directly on the Webserver. This also means that pagemasters may no longer keep a backup copy of their website on a file server, as FTP once required. Therefore, it is even more imperative that every EntergyNET Webserver be part of a regular backup strategy, along with the file servers and database servers that are also on site.

Memory Leak in Netscape Communications Server for Windows NT

There is a memory leak in Netscape Communications Server for Windows NT that causes the server software to use up to 80% of its allocated resources, and not free it up when it is finished. This causes the Webserver to act "sluggish." The problem is even worst when another service such as WebBase or SQL Server are also running on the same box. If not addressed, the memory leak causes NT to all but shut down.

The solution to the problem is regularly restart the Webserver software using the Webserver Administration program. The actual frequency of restart depends on the level of activity; some Webservers may require a daily restart, while others may require a weekly or monthly restart. In the above mentioned situation where Netscape Server runs on the same box as another service, the interval should be short enough to allow all services to run at their peak level of performance.