Your SlideShare is downloading. ×
Lecture 12   monitoring the network
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.


Saving this for later?

Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime - even offline.

Text the download link to your phone

Standard text messaging rates apply

Lecture 12 monitoring the network


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. Lecture 12:Monitoring &Remotely AccessingSystemsNetwork Design & Administration
  • 2. Monitoring vs. Accessing• Administrators have great power, so must use judiciously.• Can change permissions, change ownership etc., so can silently examine drives on remote Network Design & Administration machines while users still logged on.• Can monitor actions, usage of resources, processes.• Do not have time to watch everything! 2
  • 3. Historical vs. Real-timemonitoring• Historical monitoring summarises information over a time period: • Essential for an organisation that is trying to understand and improve its performance. Network Design & Administration • Indicates need for upgrades. • Justifies spend.• Real-time monitoring looks at the current/recent situation: • Used to understand problem/issue. 3 • Generates a relatively quick action/response.
  • 4. Monitoring User Machines• Monitoring may imply high level, light touch: • How much printing is a user doing? • How close are they getting to their disk quotas?• May also imply detailed management checking: Network Design & Administration • What are they actually storing on disk? • How active at the computer actually are they?• May be needed for security: • Are there a lot of failed attempts to log in at one particular machine? 4
  • 5. Monitoring Servers• Need to catch potential problems before they cause delays/inconvenience.• Question: What sort of problems? • Running out of disk or disk faults. Network Design & Administration • Memory leaks we want to programs. Question: why dodue to faultymonitor servers? • Network limitations. • Dead services/daemons meaning tasks not performed. • General resource shortages. 5
  • 6. How to monitor or checkmachines• There are a number of ways as: • Use Microsoft Management Console locally. • Physically log on at user machine. Network Design & Administration • Remote log in. • Use MMC addressing other machine. • Use log entries/audit trails/real-time monitoring. 6
  • 7. Microsoft ManagementConsole• Already encountered this when looking at users and computers.• Provides a central point of management for different objects and resources.• Can start via “admin tools”. Network Design & Administration• Alternatively, can use the MMC (mmc.exe) and include a snap- in (e.g. gpedit.msc)• MMC can also be redirected to another machine. 7
  • 8. Physically logging in• Can be inconvenient to both user and admin.• Sometimes necessary. • e.g. if network card has died. Network Design & Administration• More often used when helping a particular user.• Sometimes users prefer local presence.• Can be costly…• Is there an alternative? 8
  • 9. Remote Log in• A better solution!• Use Remote Desktop to remotely log into a client machine.• Particularly used for monitoring servers, which may be in remote locations. Network Design & Administration• Uses Remote Desktop Services at target machine and client program (Remote Desktop Connection) at admin’s desktop machine.• Needs to be set up at both ends.• Question: Can you think of why this is a good thing to do?• Question: Can you think of any potential problems? 9
  • 10. Client-side remote desktopaccess• Can simply be set up from System properties• By default, Network Design & Administration Administrator group members are granted remote access permission• Additional users can be added 10
  • 11. Remote Desktop Services• Previously called Terminal Services in pre-Windows Server 2008 editions.• Allows clients to use server as if it were their PC. [2] [1] Network Design & Administration [3]• Questions: • Why would you want to use a single machine? • What benefits would it provide? • Are there any special considerations for the server to take into 11 account?
  • 12. Configuring Server side remotedesktop services Network Design & Administration 12
  • 13. Remotely accessing a Unixserver• Not all servers will be running Windows Server.• A number of companies and universities use Unix/Linux within their workplace.• Could be setup to provide roles: Network Design & Administration • DNS • Web Server • File Server • Print Server • (Pretty much everything Windows Server can offer)• Question: How do we remotely administer and maintain 13 them?
  • 14. Monitoring the Server• Servers are important!• Need to constantly monitor the health of a server because of its mission critical nature.• Things to monitor: Network Design & Administration • Processor (usage & temperature) • Disk (performance, usage, throughput) • Memory (utilisation, page file etc.) • Network• To monitor server, best to start from a baseline.• Baselines can change over time with the addition of new 14 hardware & software.
  • 15. Monitoring via the EventViewer• Accessed from “Administration Tools” menu.• Should be looked at Network Design & Administration regularly. This needs to be part of a procedure (come back to this in a future lecture)• Event viewer can also 15 access event logs on a remote machine.
  • 16. Event Logs• Application – about specific programs, depends on what developers decided to log.• System – about components e.g. device driver fail to load, or service fail to start. Network Design & Administration• Security – e.g. failed logons, attempts to access protected resources. Entries ONLY turn up if explicitly set up – none by default.• Additionally - domain controllers, DNS servers have extra logs specific to them. 16
  • 17. Event Types [4] Network Design & Administration17
  • 18. Event Properties Network Design & Administration18
  • 19. Real time monitoring• Task Manager gives live real-time information • Processor and memory. • Applications and processes. Network Design & Administration • Network Utilisation. • Users connected to a system.• Can only be used to view information for local system (though can use remote desktop – but what is problem then?)• Has no logging capability. 19
  • 20. Performance Console• Snap ins to display real-time data, record over time, and execute actions when trigger values reached.• System Monitor displays default of: • Memory: Pages per Sec Network Design & Administration • Physical Disk: Average Disk Queue Length • Processor: % Processor Time• Do not monitor too many/too often – generate system overheads.• Do not monitor too infrequently or could miss spikes. 20
  • 21. Performance Console Network Design & Administration21
  • 22. Performance Logs & Alerts• Counter Log • Capture stats for specified counters to log file for later analysis.• Trace Logs Network Design & Administration • Records information about system apps when certain events occur.• Alerts • Perform action when counter reaches specified value. 22
  • 23. ReferencesNext Time …• C# programming.References Network Design & Administration[1][2][3][4] MOAC 290 Chapter 3 23