Network Administration and Support



  1. Chapter 12 Network Administration and Support
  2. Introduction
      • Topics
          • Network Management Tasks and Activities
          • Managing Access and Accounts
          • Managing Network Performance
          • Managing Network Security
          • Protecting Data and Systems
  3. Network Management Tasks and Activities
      • Managing user access to the network is a major challenge of network administration
      • Access to resources and data must be controlled but not overly restricted
      • Assigning users to groups will make the administration of user rights much easier
  4. Managing Access and Accounts
      • Setting up user accounts is less complicated than assigning access rights
      • Every OS has procedures and/or an interface for setting up accounts
      • It is better to add privileges than to take them away from users
      • Start with fairly restrictive account policies
  5. User Accounts
      • A user account holds information about the specific user
      • It can contain basic information such as name, password, and the level of permission the user is granted
      • It can also contain much more specific information such as the department the user works in, a home phone number, and the days and hours the user is allowed to log on to specific workstations
  6. Managing Groups
      • Groups are created to make the sharing of resources more manageable
      • A group contains users that share a common need for access to a particular resource
      • Even though the connotations may differ with each operating system, all of these terms still refer to the access that a user or group account is granted
  7. Administrator Account
      • All operating systems have an administrative account
      • The administrative account should be used only for the purpose of administering the server
      • Granting users this type of access is a disaster waiting to happen
      • Most operating systems set up the administrative account during installation
  8. Default Accounts
      • Windows has several accounts set up by default
      • No matter which system is used, it is important to know what accounts are installed by default and what access each account has
      • The purpose of the guest account is to allow temporary access for a user that doesn't have an account set up
  9. The Guest Account
      • The guest account has limited access, but is often disabled to keep intruders from accessing the machine
  10. Passwords
      • Allowing users to create simple passwords produces an unsecured environment
      • If the passwords are too difficult to remember, users will probably write them down and may even post them
      • A weak password might be very short or only use alphanumeric characters or contain information easily guessed by someone profiling the user
  11. Strong Passwords
      • Strong passwords can be derived from events or things the user knows
      • For example, the phrase "Going to the Bahamas on June 6, 2006 with Jean" can be converted to gtB6606@J
      • This creates a complex password that is easy for the user to remember
  12. Password Policies
      • Password policies help protect the network from hackers and define the responsibilities of users who have been given access to company resources
      • All users should read and sign security policies as part of their employment process
      • Many times it is necessary to restrict logon hours for maintenance purposes.
  13. Access to Files
      • Auditing is the process of keeping track of who is logging in and accessing what files
      • Network administrators assign user access rights and set permissions
      • Limited group access overrides unlimited access in another group
  14. Types of Groups
      • Groups may be nested
      • Active Directory Services provides flexibility by allowing two types of groups:
          • Security groups
          • Distribution groups
      • Both types of groups have what is called a scope
      • Scope determines where the group can be used in the network and who can be a member
  15. Group Scope
      • The three group scopes available in a Windows 2000 network are:
          • domain local
          • global
          • universal
      • The acronym GULP will help you remember how groups are placed into other groups.
  16. Permission Assignment
      • For a user-based model, permissions are assigned to each user account
      • For group-based access control, permissions are assigned to groups
      • For role-based access control, a role is associated with a job and permissions are assigned to these roles
      • Rule-based access control is based on access control lists (ACLs)
  17. Group Policy
      • After you create groups, group policy can be used for ease of administration in managing the environment of users
      • The group policy object (GPO) is used to apply group policy to users and computers
      • A GPO is a virtual storage location for group policy settings, which are stored in the Group Policy container or template
  18. Managing Access and Accounts
      • Group policy allows you to set consistent common security standards
      • Group policies are applied in a specific order or hierarchy
      • By default, group policy is inherited and cumulative
      • Use the acronym LSDOU (local, site, domain, organizational unit) to remember the order that a group policy is applied.
  19. Managing Network Performance
      • As your network changes, its performance must be monitored and improved
      • A measure of normal activity is known as a baseline
      • Baselines must be updated on a regular basis, when the network has changed, or new technology has been deployed
  20. Monitoring Tools
      • After baselines are established, the network needs to be monitored
      • Many tools can be used to monitor the performance on the network:
          • Event Viewer
          • Performance Console
          • Network Monitor
          • Task Manager
  21. The Event Viewer
      • Allows auditing certain events
      • The Event Viewer maintains three log files:
          • One for system processes
          • One for security information
          • One for applications
  22. The Task Manager
      • Task Manager can be used to end processes or applications that get hung up without having to reboot the machine
      • It also gives you an instant view of CPU and memory usage
      • It should be one of the first places to check when something seems awry
  23. The Performance Console
      • Performance console is used for tracking and viewing the utilization of operating system resources
      • The console consists of two snap-ins:
          • the System Monitor
          • the Performance Logs and Alerts
      • This tool is used for properly monitoring the physical disks, memory, and processor
  24. The Network Monitor
      • Network Monitor is a protocol analyzer
      • It can be used to capture network traffic and generate statistics for creating reports
      • Network Monitor is not installed by default in Windows 2000
      • It must be added as an optional Windows component
  25. Bottlenecks
      • A bottleneck occurs when we try to push too much data into a narrow opening
      • As a result, it jams up and has to wait
      • Internet and network traffic commonly bottleneck due to not having enough bandwidth
  26. CPU Utilization
      • When an application or program starts, it will automatically cause the CPU to spike to 100%
      • When you are monitoring the processor, you should see the utilization spike up and down
      • However, if the usage goes to 100% and stays there, then there is an issue
  27. Managing Bottlenecks
      • If your system has a processor bottleneck, you can either add more processors or upgrade to faster ones
      • One of the most common bottlenecks that Windows 2000 systems face is caused by limited physical memory
      • Windows servers are designed to page data out of memory into a paging file when not in use or if the memory is needed for other data
      • More memory provides better performance
  28. Disk Performance Monitor
      • RAM bottlenecks create excessive disk usage, as the system swaps memory to the disk
      • These bottlenecks can be monitored with the diskperf utility.
      • To use it, type diskperf -y at a command prompt and restart the machine
  29. Server Testing
      • When a server is set up, you should allow a burn-in period
      • During burn-in, the server is placed under a heavy stress level for long periods of time to see if any part of the system fails
      • Performance can also be improved through application tuning
      • Network segmentation may affect performance
  30. Improving Performance
      • Main areas to be addressed
          • network segmentation
          • application tuning
          • server performance
  31. Managing Network Security
      • A security policy is a set of guidelines used to create the company rules for providing a secure working environment
      • Clear and detailed policies supported by the organization's management are the goal of a security policy
      • The most crucial part of security policy is planning and assessment
  32. Risk Assessment
      • Begin by examining the network for security risks (risk assessment)
      • Risk is the potential of a threat to exploit a vulnerability found in an asset
      • Risk assessment pertains to how likely it is that certain threats will compromise the network
  33. Acceptable Use Policies
      • Pertain to what activities users may perform on the network
      • Every organization has the responsibility to conduct its business in a manner that complies with all applicable laws and regulations
      • Failure to ensure compliance can result in legal liabilities
  34. Organizational Responsibilities
      • An organization may be negligent if it fails to take the necessary precautions to avoid a security threat
  35. Data and Equipment Disposal
      • Proper disposal of data and equipment should be part of the security policy
      • Outdated hardware and discarded paper may often be used by attackers to obtain access to a network
      • Have a policy in place that requires shredding of all documents and security erasure of all types of storage media before they may be discarded.
  36. Incident Response Policy
      • What defines a security breach and how to identify when one occurs
      • When dealing with security issues, two basic models are used:
          • Physical Model - addresses the risks associated with hardware and designs
          • Data Model - deals with protocols and software
  37. User Responsibilities
      • Train users on:
          • How to properly use the system
          • Why they must follow policy
          • The consequences for not complying with these policies
  38. Network Security Components
      • The security components of a network fall into the following three areas:
          • physical
          • data
          • system
  39. Physical Security
      • Identifies threats to the hardware and buildings that store system data
      • Threats include unauthorized access as well as natural disasters
      • As new physical security systems are deployed, users must be trained on how to use them
  40. Protecting Data and Systems
      • Backing up data is critical
      • Off-site copies of data allow recovery in case an entire facility is destroyed
      • If the backup function is outsourced, be sure the company is reputable and the employees are bonded
  41. Backup Strategies
      • Full backup
      • Incremental backup
      • Differential backup
      • Backup tapes should be tested regularly
  42. Protecting Data and Systems
      • All network servers should be isolated in a locked location to prevent any kind of unauthorized physical access
      • Use anti-virus and intrusion detection software (IDS) to protect data integrity
      • IDS systems can catch attacks in progress within the network
  43. Business Continuity Plan
      • Pertains to the measures taken in the case of a complete loss
      • Includes a detailed analysis of business practices and support requirements
      • Includes cost estimates for network access and automatic failover of critical services to off-site systems
      • Other considerations
          • Facilities
          • Fault tolerance
          • Clustering
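
Added example (not part of the original slides): the Access to Files and Types of Groups slides state that a limited group's access overrides unlimited access granted through another group, and that groups may be nested. The sketch below is a simplified model of that rule, not the Windows access-check algorithm; every group, user and share name is constructed for illustration.

```python
# Simplified model: nested group membership plus "deny overrides allow".
# All names below are constructed sample data.

# group -> direct members (users or other groups)
MEMBERS = {
    "Accounting": {"alice", "bob"},
    "Contractors": {"bob"},
    "Finance-All": {"Accounting", "carol"},  # nested: contains a group
}

# resource -> list of (group, "allow" | "deny", permission)
ACL = {
    "payroll-share": [
        ("Finance-All", "allow", "read"),
        ("Finance-All", "allow", "write"),
        ("Contractors", "deny", "write"),   # the "limited" group
    ],
}

def groups_of(user, members=MEMBERS):
    """Every group the user belongs to, directly or through nesting."""
    found, frontier = set(), {user}
    while frontier:
        reached = set()
        for group, direct in members.items():
            # 'group not in found' also stops loops in circular nesting
            if group not in found and direct & frontier:
                found.add(group)
                reached.add(group)
        frontier = reached
    return found

def effective_permissions(user, resource, acl=ACL, members=MEMBERS):
    """Union of allows from all of the user's groups, minus any deny."""
    mine = groups_of(user, members)
    allowed, denied = set(), set()
    for group, effect, perm in acl.get(resource, []):
        if group in mine:
            (allowed if effect == "allow" else denied).add(perm)
    return allowed - denied

def audit(resource, acl=ACL, members=MEMBERS):
    """Per-user report of effective access, for administrator review."""
    users = {m for direct in members.values() for m in direct
             if m not in members}
    return {u: sorted(effective_permissions(u, resource, acl, members))
            for u in sorted(users)}
```

Here bob inherits read and write through Accounting's nesting in Finance-All, but his Contractors membership removes write.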
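
Added example (not part of the original slides): the group policy slides say policy is inherited and cumulative and is applied in LSDOU order. The sketch below models default processing only, where a setting applied later replaces a conflicting one applied earlier; enforcement and inheritance blocking are not modelled, and the setting names and values are hypothetical.

```python
# Simplified model of default LSDOU processing. Setting names and values
# are hypothetical sample data, not real Group Policy setting identifiers.
ORDER = ("local", "site", "domain", "ou")  # LSDOU

POLICIES = {
    "ou":     {"MinPasswordLength": 12, "ScreenLockMinutes": 5},
    "local":  {"MinPasswordLength": 6, "GuestAccountEnabled": True},
    "domain": {"MinPasswordLength": 8, "GuestAccountEnabled": False},
    "site":   {"LogonHours": "06:00-20:00"},
}

def resultant_policy(policies, order=ORDER):
    """Apply each level in LSDOU order.

    Settings accumulate across levels; when two levels define the same
    setting with different values, the level applied later wins.
    Returns (result, overridden) where result maps
    setting -> (value, winning level) and overridden lists
    (setting, losing level, losing value, winning level).
    """
    unknown = set(policies) - set(order)
    if unknown:
        raise ValueError(f"unknown policy level(s): {sorted(unknown)}")
    result, overridden = {}, []
    for level in order:
        for setting, value in policies.get(level, {}).items():
            if setting in result and result[setting][0] != value:
                old_value, old_level = result[setting]
                overridden.append((setting, old_level, old_value, level))
            result[setting] = (value, level)
    return result, overridden
```

The overridden list is the part worth reviewing: it shows where a weaker local or domain value was replaced, and would equally expose a case where a lower level weakens a stricter setting.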
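
Added example (not part of the original slides): the performance slides describe a baseline as the measure of normal activity and say CPU usage that spikes up and down is expected while usage that reaches 100% and stays there is a problem. The sketch below separates the two cases; the sample readings, the function names and the factor of 2 are assumptions chosen for illustration.

```python
# Constructed CPU utilisation samples (percent, one reading per interval).
NORMAL = [12, 18, 100, 35, 15, 22, 100, 100, 20, 14]          # brief spikes
HUNG = [15, 20, 100, 100, 100, 100, 100, 100, 30, 100, 100]   # pegged CPU

def peak_runs(samples, threshold=100.0):
    """(start, end) index pairs of consecutive readings >= threshold."""
    runs, start = [], None
    for i, value in enumerate(samples):
        if value >= threshold and start is None:
            start = i
        elif value < threshold and start is not None:
            runs.append((start, i - 1))
            start = None
    if start is not None:               # run continues to the last sample
        runs.append((start, len(samples) - 1))
    return runs

def build_baseline(samples, threshold=100.0):
    """Record normal activity: the mean and the longest spike observed."""
    if not samples:
        raise ValueError("baseline needs at least one sample")
    longest = max((end - start + 1
                   for start, end in peak_runs(samples, threshold)),
                  default=0)
    return {"mean": sum(samples) / len(samples), "longest_peak": longest}

def sustained_peaks(samples, baseline, factor=2, threshold=100.0):
    """Runs at the threshold lasting more than factor x the baseline's
    longest spike (the factor is an assumed tuning value)."""
    limit = max(1, baseline["longest_peak"]) * factor
    return [(start, end) for start, end in peak_runs(samples, threshold)
            if end - start + 1 > limit]
```

Rebuilding the baseline after a network or hardware change, as the slides require, keeps the limit tied to current normal behaviour.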