1 / 44

Guide to Networking Essentials Fifth Edition

Guide to Networking Essentials Fifth Edition . Chapter 12 Network Administration and Support. Objectives. Manage networked accounts Monitor network performance Protect your servers from data loss. Managing Networked Accounts. The main tasks of network management

jana
Download Presentation

Guide to Networking Essentials Fifth Edition

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Guide to Networking EssentialsFifth Edition Chapter 12 Network Administration and Support

  2. Objectives • Manage networked accounts • Monitor network performance • Protect your servers from data loss Guide to Networking Essentials, Fifth Edition

  3. Managing Networked Accounts • The main tasks of network management • Make sure all users can access resources they’re allowed to access • Prevent users from accessing resources they don’t have permission to access • User account: collection of information about a user, including account name, associated password, and set of access permissions for network resources • Group: named collection of user accounts • Resource sharing specific to group’s needs Guide to Networking Essentials, Fifth Edition

  4. Creating User Accounts • Windows Server OSs come with two predefined accounts: Administrator and Guest • Users are discouraged from using these accounts • Assign the Administrator account a strong password and guard it carefully • It can be disabled (not recommended) or renamed • Before you begin to create accounts, you must make some network administration decisions • User names, passwords, logon hours, auditing, security Guide to Networking Essentials, Fifth Edition

  5. User Account Creation in Windows Guide to Networking Essentials, Fifth Edition

  6. User Account Creation in Windows (continued) Guide to Networking Essentials, Fifth Edition

  7. User Account Creation in Linux Guide to Networking Essentials, Fifth Edition

  8. Creating and Managing Groups in Windows • Assigning permissions with group accounts rather than user accounts is preferable • Group accounts are easier to keep track of • Two methods for adding users to a group • Open the account’s Properties dialog box, select the Member Of tab, and add the group(s) • Create a group account and add user accounts to it • In a Windows Server 2003 domain environment, there are multiple classifications of groups • Domain local, global, and universal groups Guide to Networking Essentials, Fifth Edition

  9. Creating and Managing Groups in Windows (continued) • Recommended guidelines for Windows domains • Global groups should include users from the same domain and other global groups in the same domain • Domain local groups can include users from any domain but should usually contain only global groups or other domain local groups • Domain local groups are used to assign rights and permissions to users who are members of global groups • Universal groups can contain one or more user accounts or global groups Guide to Networking Essentials, Fifth Edition

  10. Creating and Managing Groups in Windows (continued) Guide to Networking Essentials, Fifth Edition

  11. Creating and Managing Groups in Windows (continued) Guide to Networking Essentials, Fifth Edition

  12. Creating and Managing Groups in Linux Guide to Networking Essentials, Fifth Edition

  13. Creating and Managing Groups in Linux (continued) Guide to Networking Essentials, Fifth Edition

  14. Auditing • With auditing, you can keep track of what’s happening on a network (server) by configuring the server so that it records certain actions • How much you should audit depends on how much information you can store efficiently • Use auditing sparingly because it can adversely affect the availability of system resources • In Windows, auditing is enabled by using the Security Policy editor in Administrative Tools • Logs can be viewed in Event Viewer’s Security log • In Linux, logs are stored in /var/log Guide to Networking Essentials, Fifth Edition

  15. Monitoring Network Performance • When monitoring a network, ensure that cables are operational and network cards don’t conflict • Additional parameters to monitor • Data read from and written to server each second • Security errors (errors accessing data) • Connections currently maintained to other servers (server sessions) • Network performance parameters Guide to Networking Essentials, Fifth Edition

  16. Data Reads and Writes • Number of bytes read from and written to a server provides a useful measure of the server’s activity • Or count amount of data that can’t be read or written • On a Windows network, the server attempts to take large data streams not as sets of packets, but as streams of raw data unbroken by header information • Server’s refusal to accept many streams of raw data is a possible indication of server memory problems Guide to Networking Essentials, Fifth Edition

  17. Security Errors • A high rate of failed logons, failed access to objects, or failed changes to security settings could indicate a security risk on your network • Errors are events to watch for, and auditing helps you see who’s causing the errors • A protocol analyzer is a combination of hardware and software that can capture network traffic and create reports and graphs from the data it collects • Helps you find the source of errors, in case a user is being “spoofed” Guide to Networking Essentials, Fifth Edition

  18. Server Sessions • You can draw conclusions about server activity by observing details of server sessions • E.g., connections between network devices and server, rate at which connections to the server are made, and how they are broken (normal logoff, an error, or a server timeout) • Errors and timeouts can indicate that server is overloaded and is refusing connections or is unable to service them quickly enough • More RAM could solve the problem, or you might need to update other hardware Guide to Networking Essentials, Fifth Edition

  19. Network and System Performance • Windows Server 2003 performance monitoring • Event Viewer • Task Manager • Performance Monitor • Network Monitor • Linux servers have numerous comparable utilities Guide to Networking Essentials, Fifth Edition

  20. Event Viewer Guide to Networking Essentials, Fifth Edition

  21. Task Manager Guide to Networking Essentials, Fifth Edition

  22. Performance Monitor Guide to Networking Essentials, Fifth Edition

  23. Network Monitor Guide to Networking Essentials, Fifth Edition

  24. Total System Management • Events on the network aren’t the only influence • Must also consider what’s happening on the server side in hard drive performance and memory use Guide to Networking Essentials, Fifth Edition

  25. Hard Drive Performance • Performance Monitor is most useful for monitoring hard drives on a Windows network • To monitor HD performance, view: • Disk space remaining • Speed at which requests are serviced • How often the disk is busy • When monitoring drives, notice whether you’re viewing the physical or the logical disk object Guide to Networking Essentials, Fifth Edition

  26. Memory Use • Another major server issue: amount of memory available to service incoming requests • When the server has to page too much data (compared to a baseline performance), consider installing more memory • Page faults can be soft or hard • If too many hard pagefaults occur, response time slows considerably • The best measure of memory shortages is the rate of hard page faults Guide to Networking Essentials, Fifth Edition

  27. CPU Utilization • Monitoring CPU utilization (percentage of time CPU stays busy on average) is important • Can measure CPU utilization at a specific moment or over a longer period • Don’t let peaks at that level be a cause for alarm • When evaluating system health, best to monitor the % Processor Time counter for Processor object • Constant rates of 90% or higher might indicate the machine is overloaded • Evaluate other counters (e.g., Memory pages/sec) to make sure high utilization isn’t a secondary symptom Guide to Networking Essentials, Fifth Edition

  28. Network Statistics • You can monitor network statistics in Performance Monitor or Network Monitor on a Windows system • Performance Monitor: checks statistics for the Network Interface and protocol stack objects • Network Monitor: views error rates and investigates specific packets or errors • Utilization rates can also be meaningful • An average 80% utilization over time on a token ring network is perfectly acceptable, but the same utilization on an unswitched Ethernet network is not Guide to Networking Essentials, Fifth Edition

  29. Maintaining a Network History • Both Performance Monitor and Event Viewer can prepare log data you can use to keep long-term records of network performance and events • Long-term records are useful mostly for determining trends or noticing new problems • As with other forms of troubleshooting, to recognize “sick,” you must know what “healthy” looks like • Baseline: performance statistics of a healthy system Guide to Networking Essentials, Fifth Edition

  30. Avoiding Data Loss • Another aspect of data security involves protecting data from loss/destruction and unauthorized access • Protecting data on corporate computer systems should be an administrator’s top priority • The chances of a hard drive failing are probably higher than the risk of a break-in • In most cases, you can best protect data with a three-tiered scheme that reduces the chance of data loss, makes quick recovery from data loss easy, and, if all else fails, allows you to completely rebuild lost or corrupted data Guide to Networking Essentials, Fifth Edition

  31. Tape Backup • Backing up regularly and often is essential • Backup types • Normal • Incremental • Differential • Copy • Daily • Post backup schedule and assign a person to perform the backups and sign off on them daily • Make sure you can restore data • Tapes should be stored in a cool, dry, dark place Most useful as part of a regular backup schedule Guide to Networking Essentials, Fifth Edition

  32. System Repair or Recovery in Windows • Windows systems occasionally fail to boot, or exhibit problems or errors after booting that indicate the system is damaged or corrupted and possibly needs repair • Windows network OSs include repair utilities to correct these problems • Recovery Console • Last Known Good Configuration • System Restore • Driver Rollback Guide to Networking Essentials, Fifth Edition

  33. Recovery Console • The Recovery Console repair utility in Windows 2000/2003/XP is powerful • Command-line console supports 27 commands you can use on the system, such as repairing its partition table or replacing specific files and folders • Other commands: replace the Master Boot Record (fixmbr), write a new boot sector (fixboot), format hard disks (format), manage disk partitions (diskpart) Guide to Networking Essentials, Fifth Edition

  34. Last Known Good Configuration Guide to Networking Essentials, Fifth Edition

  35. System Restore • Restores a system to a previous state • Monitors all drives and partitions and records changes made to system files, such as the Registry, and some applications • When major changes are made, it creates a restore point so that the computer can be restored to its operating parameters before the changes, in case something goes wrong with a driver installation, application install, or Registry change • Users can create their own restore point • Can run from a regular boot or a Safe Mode boot Guide to Networking Essentials, Fifth Edition

  36. Driver Rollback • Included in Windows XP and Windows Server 2003, the Driver Rollback feature is used when a new driver installed for an existing device causes a problem with the system • To run this feature: • Open Device Manager • Double-click the device you want to roll driver back • Click the Driver tab • Click the Roll Back Driver button Guide to Networking Essentials, Fifth Edition

  37. Uninterruptible Power Supply • UPS: device with a built-in battery, power conditioning, and surge protection • A standby UPS normally supplies power to plugged-in devices by passing the AC power directly from the wall outlet to the device receptacle • An online UPS supplies power continuously to plugged-in devices through the UPS battery, which is recharged by the wall outlet power • Power conditioning cleans the power, removing noise caused by other devices on the same circuit • Surge protection keeps the computer from being affected by sags or spikes in power flow Guide to Networking Essentials, Fifth Edition

  38. Fault-Tolerant Systems • Fault-tolerant disk configurations: another method of data protection (hardware or software) • Two most popular configurations are disk mirroring (or duplexing) and disk striping with parity • These disk structures are based on redundant array of independent disks (RAID), so they can be built from standard hard disks using specialized disk controllers to create and manage special features associated with the type of RAID in use Guide to Networking Essentials, Fifth Edition

  39. Fault-Tolerant Systems (continued) Guide to Networking Essentials, Fifth Edition

  40. RAID 1: Disk Mirroring • Disk mirroring: two disks working in tandem • When data is written to one disk, it is also written to second disk, thus creating a constant backup of data • You can mirror a system disk so that if the boot disk crashes, the second one can take over • Normally, involves two HDs on a single controller • Disk duplexing is disk mirroring in which each disk has its own controller • Protects from controller failures and disk failures • Requires twice as much as the amount of data Guide to Networking Essentials, Fifth Edition

  41. RAID 5: Disk Striping with Parity Guide to Networking Essentials, Fifth Edition

  42. Intellimirror • Intellimirror: client/server application that runs on Windows Server 2000/2003 • Creates “smart” backup copy of a system on a server • If a user wants to log on to another machine on the network, that user’s home desktop can be re-created • Copies only items that the user requests • More capable than a system recovery or backup access mechanism • Can deploy, recover, restore, or replace user data, software, and personal settings Guide to Networking Essentials, Fifth Edition

  43. Summary • Main task of network management: ensure users can access resources they are allowed to access but can’t access what they don’t have permission to access • Windows groups in a Windows domain can be domain local, global, or universal • Permissions can be granted to user accounts or groups to control access to objects and resources on network • Monitor the performance of a Windows 2000/2003 Server network using Event Viewer, Performance Monitor, Task Manager, and Network Monitor Guide to Networking Essentials, Fifth Edition

  44. Summary (continued) • Avoid data loss by making regular data backups, using Intellimirror, and installing fault-tolerant system components • Windows 2000/2003/XP provides strong repair and recovery tools, such as Recovery Console, Last Known Good Configuration, System Restore, and Driver Rollback Guide to Networking Essentials, Fifth Edition

More Related