Guide to Networking Essentials Fifth Edition

1
Guide to Networking EssentialsFifth Edition

• Chapter 12
• Network Administration and Support

2
Objectives

• Manage networked accounts
• Monitor network performance
• Protect your servers from data loss

3
Managing Networked Accounts

• The main tasks of network management
• Make sure all users can access resources theyre
  allowed to access
• Prevent users from accessing resources they dont
  have permission to access
• User account collection of information about a
  user, including account name, associated
  password, and set of access permissions for
  network resources
• Group named collection of user accounts
• Resource sharing specific to groups needs

4
Creating User Accounts

• Windows Server OSs come with two predefined
  accounts Administrator and Guest
• Users are discouraged from using these accounts
• Assign the Administrator account a strong
  password and guard it carefully
• It can be disabled (not recommended) or renamed
• Before you begin to create accounts, you must
  make some network administration decisions
• User names, passwords, logon hours, auditing,
  security

5
User Account Creation in Windows
6
User Account Creation in Windows (continued)
7
User Account Creation in Linux
8
Creating and Managing Groups in Windows

• Assigning permissions with group accounts rather
  than user accounts is preferable
• Group accounts are easier to keep track of
• Two methods for adding users to a group
• Open the accounts Properties dialog box, select
  the Member Of tab, and add the group(s)
• Create a group account and add user accounts to
  it
• In a Windows Server 2003 domain environment,
  there are multiple classifications of groups
• Domain local, global, and universal groups

9
Creating and Managing Groups in Windows
(continued)

• Recommended guidelines for Windows domains
• Global groups should include users from the same
  domain and other global groups in the same domain
• Domain local groups can include users from any
  domain but should usually contain only global
  groups or other domain local groups
• Domain local groups are used to assign rights and
  permissions to users who are members of global
  groups
• Universal groups can contain one or more user
  accounts or global groups

10
Creating and Managing Groups in Windows
(continued)
11
Creating and Managing Groups in Windows
(continued)
12
Creating and Managing Groups in Linux
13
Creating and Managing Groups in Linux (continued)
14
Auditing

• With auditing, you can keep track of whats
  happening on a network (server) by configuring
  the server so that it records certain actions
• How much you should audit depends on how much
  information you can store efficiently
• Use auditing sparingly because it can adversely
  affect the availability of system resources
• In Windows, auditing is enabled by using the
  Security Policy editor in Administrative Tools
• Logs can be viewed in Event Viewers Security log
• In Linux, logs are stored in /var/log

15
Monitoring Network Performance

• When monitoring a network, ensure that cables are
  operational and network cards dont conflict
• Additional parameters to monitor
• Data read from and written to server each second
• Security errors (errors accessing data)
• Connections currently maintained to other servers
  (server sessions)
• Network performance parameters

16
Data Reads and Writes

• Number of bytes read from and written to a server
  provides a useful measure of the servers
  activity
• Or count amount of data that cant be read or
  written
• On a Windows network, the server attempts to take
  large data streams not as sets of packets, but as
  streams of raw data unbroken by header
  information
• Servers refusal to accept many streams of raw
  data is a possible indication of server memory
  problems

17
Security Errors

• A high rate of failed logons, failed access to
  objects, or failed changes to security settings
  could indicate a security risk on your network
• Errors are events to watch for, and auditing
  helps you see whos causing the errors
• A protocol analyzer is a combination of hardware
  and software that can capture network traffic and
  create reports and graphs from the data it
  collects
• Helps you find the source of errors, in case a
  user is being spoofed

18
Server Sessions

• You can draw conclusions about server activity by
  observing details of server sessions
• E.g., connections between network devices and
  server, rate at which connections to the server
  are made, and how they are broken (normal logoff,
  an error, or a server timeout)
• Errors and timeouts can indicate that server is
  overloaded and is refusing connections or is
  unable to service them quickly enough
• More RAM could solve the problem, or you might
  need to update other hardware

19
Network and System Performance

• Windows Server 2003 performance monitoring
• Event Viewer
• Task Manager
• Performance Monitor
• Network Monitor
• Linux servers have numerous comparable utilities

20
Event Viewer
21
Task Manager
22
Performance Monitor
23
Network Monitor
24
Total System Management

• Events on the network arent the only influence
• Must also consider whats happening on the server
  side in hard drive performance and memory use

25
Hard Drive Performance

• Performance Monitor is most useful for monitoring
  hard drives on a Windows network
• To monitor HD performance, view
• Disk space remaining
• Speed at which requests are serviced
• How often the disk is busy
• When monitoring drives, notice whether youre
  viewing the physical or the logical disk object

26
Memory Use

• Another major server issue amount of memory
  available to service incoming requests
• When the server has to page too much data
  (compared to a baseline performance), consider
  installing more memory
• Page faults can be soft or hard
• If too many hard page faults occur, response time
  slows considerably
• The best measure of memory shortages is the rate
  of hard page faults

27
CPU Utilization

• Monitoring CPU utilization (percentage of time
  CPU stays busy on average) is important
• Can measure CPU utilization at a specific moment
  or over a longer period
• Dont let peaks at that level be a cause for
  alarm
• When evaluating system health, best to monitor
  the Processor Time counter for Processor object
• Constant rates of 90 or higher might indicate
  the machine is overloaded
• Evaluate other counters (e.g., Memory pages/sec)
  to make sure high utilization isnt a secondary
  symptom

28
Network Statistics

• You can monitor network statistics in Performance
  Monitor or Network Monitor on a Windows system
• Performance Monitor checks statistics for the
  Network Interface and protocol stack objects
• Network Monitor views error rates and
  investigates specific packets or errors
• Utilization rates can also be meaningful
• An average 80 utilization over time on a token
  ring network is perfectly acceptable, but the
  same utilization on an unswitched Ethernet
  network is not

29
Maintaining a Network History

• Both Performance Monitor and Event Viewer can
  prepare log data you can use to keep long-term
  records of network performance and events
• Long-term records are useful mostly for
  determining trends or noticing new problems
• As with other forms of troubleshooting, to
  recognize sick, you must know what healthy
  looks like
• Baseline performance statistics of a healthy
  system

30
Avoiding Data Loss

• Another aspect of data security involves
  protecting data from loss/destruction and
  unauthorized access
• Protecting data on corporate computer systems
  should be an administrators top priority
• The chances of a hard drive failing are probably
  higher than the risk of a break-in
• In most cases, you can best protect data with a
  three-tiered scheme that reduces the chance of
  data loss, makes quick recovery from data loss
  easy, and, if all else fails, allows you to
  completely rebuild lost or corrupted data

31
Tape Backup

• Backing up regularly and often is essential
• Backup types
• Normal
• Incremental
• Differential
• Copy
• Daily
• Post backup schedule and assign a person to
  perform the backups and sign off on them daily
• Make sure you can restore data
• Tapes should be stored in a cool, dry, dark place

Most useful as part of a regular backup schedule
32
System Repair or Recovery in Windows

• Windows systems occasionally fail to boot, or
  exhibit problems or errors after booting that
  indicate the system is damaged or corrupted and
  possibly needs repair
• Windows network OSs include repair utilities to
  correct these problems
• Recovery Console
• Last Known Good Configuration
• System Restore
• Driver Rollback

33
Recovery Console

• The Recovery Console repair utility in Windows
  2000/2003/XP is powerful
• Command-line console supports 27 commands you can
  use on the system, such as repairing its
  partition table or replacing specific files and
  folders
• Other commands replace the Master Boot Record
  (fixmbr), write a new boot sector (fixboot),
  format hard disks (format), manage disk
  partitions (diskpart)

34
Last Known Good Configuration
35
System Restore

• Restores a system to a previous state
• Monitors all drives and partitions and records
  changes made to system files, such as the
  Registry, and some applications
• When major changes are made, it creates a restore
  point so that the computer can be restored to its
  operating parameters before the changes, in case
  something goes wrong with a driver installation,
  application install, or Registry change
• Users can create their own restore point
• Can run from a regular boot or a Safe Mode boot

36
Driver Rollback

• Included in Windows XP and Windows Server 2003,
  the Driver Rollback feature is used when a new
  driver installed for an existing device causes a
  problem with the system
• To run this feature
• Open Device Manager
• Double-click the device you want to roll driver
  back
• Click the Driver tab
• Click the Roll Back Driver button

37
Uninterruptible Power Supply

• UPS device with a built-in battery, power
  conditioning, and surge protection
• A standby UPS normally supplies power to
  plugged-in devices by passing the AC power
  directly from the wall outlet to the device
  receptacle
• An online UPS supplies power continuously to
  plugged-in devices through the UPS battery, which
  is recharged by the wall outlet power
• Power conditioning cleans the power, removing
  noise caused by other devices on the same circuit
  
• Surge protection keeps the computer from being
  affected by sags or spikes in power flow

38
Fault-Tolerant Systems

• Fault-tolerant disk configurations another
  method of data protection (hardware or software)
• Two most popular configurations are disk
  mirroring (or duplexing) and disk striping with
  parity
• These disk structures are based on redundant
  array of independent disks (RAID), so they can be
  built from standard hard disks using specialized
  disk controllers to create and manage special
  features associated with the type of RAID in use

39
Fault-Tolerant Systems (continued)
40
RAID 1 Disk Mirroring

• Disk mirroring two disks working in tandem
• When data is written to one disk, it is also
  written to second disk, thus creating a constant
  backup of data
• You can mirror a system disk so that if the boot
  disk crashes, the second one can take over
• Normally, involves two HDs on a single controller
• Disk duplexing is disk mirroring in which each
  disk has its own controller
• Protects from controller failures and disk
  failures
• Requires twice as much as the amount of data

41
RAID 5 Disk Striping with Parity
42
Intellimirror

• Intellimirror client/server application that
  runs on Windows Server 2000/2003
• Creates smart backup copy of a system on a
  server
• If a user wants to log on to another machine on
  the network, that users home desktop can be
  re-created
• Copies only items that the user requests
• More capable than a system recovery or backup
  access mechanism
• Can deploy, recover, restore, or replace user
  data, software, and personal settings

43
Summary

• Main task of network management ensure users can
  access resources they are allowed to access but
  cant access what they dont have permission to
  access
• Windows groups in a Windows domain can be domain
  local, global, or universal
• Permissions can be granted to user accounts or
  groups to control access to objects and resources
  on network
• Monitor the performance of a Windows 2000/2003
  Server network using Event Viewer, Performance
  Monitor, Task Manager, and Network Monitor

44
Summary (continued)

• Avoid data loss by making regular data backups,
  using Intellimirror, and installing
  fault-tolerant system components
• Windows 2000/2003/XP provides strong repair and
  recovery tools, such as Recovery Console, Last
  Known Good Configuration, System Restore, and
  Driver Rollback