Network Administration and Support



  1. Chapter 12 Network Administration and Support
  2. Introduction
     • Topics
       • Network Management Tasks and Activities
       • Managing Access and Accounts
       • Managing Network Performance
       • Managing Network Security
       • Protecting Data and Systems
  3. Network Management Tasks and Activities
     • Managing user access to the network is a major challenge of network administration
     • Access to resources and data must be controlled but not overly restricted
     • Assigning users to groups will make the administration of user rights much easier
  4. Managing Access and Accounts
     • Setting up user accounts is less complicated than assigning access rights
     • Every OS has procedures and/or an interface for setting up accounts
     • It is better to add privileges than to take them away from users
     • Start with fairly restrictive account policies
  5. User Accounts
     • A user account holds information about the specific user
     • It can contain basic information such as name, password, and the level of permission the user is granted
     • It can also contain much more specific information such as the department the user works in, a home phone number, and the days and hours the user is allowed to log on to specific workstations
  6. Managing Groups
     • Groups are created to make the sharing of resources more manageable
     • A group contains users that share a common need for access to a particular resource
     • Even though the connotations may differ with each operating system, all of these terms still refer to the access that a user or group account is granted
  7. Administrator Account
     • All operating systems have an administrative account
     • The administrative account should be used only for the purpose of administering the server
     • Granting users this type of access is a disaster waiting to happen
     • Most operating systems set up the administrative account during installation
  8. Default Accounts
     • Windows has several accounts set up by default
     • No matter which system is used, it is important to know what accounts are installed by default and what access each account has
     • The purpose of the guest account is to allow temporary access for a user that doesn’t have an account set up
  9. The Guest Account
     • The guest account has limited access, but many times is disabled to keep intruders from accessing the machine
  10. Passwords
      • Allowing users to create simple passwords produces an unsecured environment
      • If the passwords are too difficult to remember, users will probably write them down and may even post them
      • A weak password might be very short or only use alphanumeric characters or contain information easily guessed by someone profiling the user
  11. Strong Passwords
      • Strong passwords can be derived from events or things the user knows
      • For example, the phrase "Going to the Bahamas on June 6, 2006 with Jean" can be converted to gtB6606@J
      • This creates a complex password that is easy for the user to remember
  12. Password Policies
      • Password policies help protect the network from hackers and define the responsibilities of users who have been given access to company resources
      • All users should read and sign security policies as part of their employment process
      • Many times it is necessary to restrict logon hours for maintenance purposes.
  13. Access to Files
      • Auditing is the process of keeping track of who is logging in and accessing what files
      • Network administrators assign user access rights and set permissions
      • Limited group access overrides unlimited access in another group
  14. Types of Groups
      • Groups may be nested
      • Active Directory Services provides flexibility by allowing two types of groups:
        • Security groups
        • Distribution groups
      • Both types of groups have what is called a scope
      • Scope determines where the group can be used in the network and who can be a member
  15. Group Scope
      • The three group scopes available in a Windows 2000 network are:
        • domain local
        • global
        • universal
      • The acronym GULP will help you remember how groups are placed into other groups.
  16. Permission Assignment
      • For a user-based model, permissions are assigned to each user account
      • For group-based access control, permissions are assigned to groups
      • For role-based access control, a role is associated with a job and permissions are assigned to these roles
      • Rule-based access control is based on access control lists (ACLs)
  17. Group Policy
      • After you create groups, group policy can be used for ease of administration in managing the environment of users
      • The group policy object (GPO) is used to apply group policy to users and computers
      • A GPO is a virtual storage location for group policy settings, which are stored in the Group Policy container or template
  18. Managing Access and Accounts
      • Group policy allows you to set consistent common security standards
      • Group policies are applied in a specific order or hierarchy
      • By default, group policy is inherited and cumulative
      • Use the acronym LSDOU (local, site, domain, organizational unit) to remember the order that a group policy is applied.
  19. Managing Network Performance
      • As your network changes, its performance must be monitored and improved
      • A measure of normal activity is known as a baseline
      • Baselines must be updated on a regular basis, when the network has changed, or new technology has been deployed
  20. Monitoring Tools
      • After baselines are established, the network needs to be monitored
      • Many tools can be used to monitor the performance on the network:
        • Event Viewer
        • Performance Console
        • Network Monitor
        • Task Manager
  21. The Event Viewer
      • Allows auditing certain events
      • The Event Viewer maintains three log files:
        • One for system processes
        • One for security information
        • One for applications
  22. The Task Manager
      • Task Manager can be used to end processes or applications that get hung up without having to reboot the machine
      • It also gives you an instant view of CPU and memory usage
      • It should be one of the first places to check when something seems awry
  23. The Performance Console
      • Performance console is used for tracking and viewing the utilization of operating system resources
      • The console consists of two snap-ins:
        • the System Monitor
        • the Performance Logs and Alerts
      • This tool is used for properly monitoring the physical disks, memory, and processor
  24. The Network Monitor
      • Network Monitor is a protocol analyzer
      • It can be used to capture network traffic and generate statistics for creating reports
      • Network Monitor is not installed by default in Windows 2000
      • It must be added as an optional Windows component
  25. Bottlenecks
      • A bottleneck occurs when we try to push too much data into a narrow opening
      • As a result, it jams up and has to wait
      • Internet and network traffic commonly bottleneck due to not having enough bandwidth
  26. CPU Utilization
      • When an application or program starts, it will automatically cause the CPU to spike to 100%
      • When you are monitoring the processor, you should see the utilization spike up and down
      • However, if the usage goes to 100% and stays there, then there is an issue
  27. Managing Bottlenecks
      • If your system has a processor bottleneck, you can either add more processors or upgrade to faster ones
      • One of the most common bottlenecks that Windows 2000 systems face is caused by limited physical memory
      • Windows servers are designed to page data out of memory into a paging file when not in use or if the memory is needed for other data
      • More memory provides better performance
  28. Disk Performance Monitor
      • RAM bottlenecks create excessive disk usage, as the system swaps memory to the disk
      • These bottlenecks can be monitored with the diskperf utility.
      • To use it, type diskperf -y at a command prompt and restart the machine
  29. Server Testing
      • When a server is set up, you should allow a burn-in period
      • During burn-in, the server is placed under a heavy stress level for long periods of time to see if any part of the system fails
      • Performance can also be improved through application tuning
      • Network segmentation may affect performance
  30. Improving Performance
      • Main areas to be addressed
        • network segmentation
        • application tuning
        • server performance
  31. Managing Network Security
      • A security policy is a set guideline used to create the company rules for providing a secure working environment
      • Clear and detailed policies supported by the organization's management are the goal of a security policy
      • The most crucial part of security policy is planning and assessment
  32. Risk Assessment
      • Begin by examining the network for security risks (risk assessment)
      • Risk is the potential of a threat to exploit a vulnerability found in an asset
      • Risk assessment pertains to how likely it is that certain threats will compromise the network
  33. Acceptable Use Policies
      • pertain to what activities users may perform on the network
      • Every organization has the responsibility to conduct its business in a manner that complies with all applicable laws and regulations
      • Failure to ensure compliance can result in legal liabilities
  34. Organizational Responsibilities
      • An organization may be negligent if it fails to take the necessary precautions to avoid a security threat
  35. Data and Equipment Disposal
      • Proper disposal of data and equipment should be part of the security policy
      • Outdated hardware and discarded paper may often be used by attackers to obtain access to a network
      • Have a policy in place that requires shredding of all documents and security erasure of all types of storage media before they may be discarded.
  36. Incident Response Policy
      • What defines a security breach and how to identify when one occurs
      • When dealing with security issues, two basic models are used:
        • Physical Model - addresses the risks associated with hardware and designs
        • Data Model - deals with protocols and software
  37. User Responsibilities
      • Train users on:
        • How to properly use the system
        • Why they must follow policy
        • The consequences for not complying with these policies
  38. Network Security Components
      • The security components of a network fall into the following three areas:
        • physical
        • data
        • system
  39. Physical Security
      • identifies threats to the hardware and buildings that store system data
      • Threats include unauthorized access as well as natural disasters
      • As new physical security systems are deployed, users must be trained on how to use them
  40. Protecting Data and Systems
      • Backing up data is critical
      • Off-site copies of data allow recovery in case an entire facility is destroyed
      • If the backup function is outsourced, be sure the company is reputable and the employees are bonded
  41. Backup Strategies
      • Full backup
      • Incremental backup
      • Differential backup
      • Backup tapes should be tested regularly
  42. Protecting Data and Systems
      • All network servers should be isolated in a locked location to prevent any kind of unauthorized physical access
      • Use anti-virus and intrusion detection software (IDS) to protect data integrity
      • IDS systems can catch attacks in progress within the network
  43. Business Continuity Plan
      • pertains to the measures taken in the case of a complete loss
      • includes a detailed analysis of business practices and support requirements
      • includes cost estimates for network access and automatic failover of critical services to off-site systems
      • Other considerations
        • Facilities
        • Fault tolerance
        • Clustering
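
Slides 13, 14 and 16 say that groups may be nested and that limited access through one group overrides unlimited access through another. The following added example (not part of the original slides) models that rule as deny-overrides-allow and resolves nested membership, including a circular nesting; the group names, users and ACL are constructed.

```python
# Added example: group names, users and the ACL below are constructed.
# Direct members of each group; a member may be a user or another group.
MEMBERS = {
    "Payroll-Staff": {"alice", "bob"},
    "Finance-All": {"Payroll-Staff", "carol"},   # nested group
    "Contractors": {"bob"},
    "Loop-A": {"Loop-B"},                        # circular nesting on purpose
    "Loop-B": {"Loop-A", "dave"},
}

# ACL for one share: (group, "allow" or "deny", rights).
PAYROLL_SHARE_ACL = [
    ("Finance-All", "allow", {"read", "write"}),
    ("Contractors", "deny", {"write"}),
]


def groups_of(principal, members=MEMBERS):
    """Every group the principal belongs to, directly or through nesting."""
    found, frontier = set(), {principal}
    while frontier:
        current = frontier.pop()
        for group, direct in members.items():
            if current in direct and group not in found:
                found.add(group)      # the 'found' check also stops cycles
                frontier.add(group)   # a group may itself be nested elsewhere
    return found


def effective_rights(user, acl, members=MEMBERS):
    """Rights allowed through any group, minus rights denied through any group."""
    held = groups_of(user, members)
    allowed, denied = set(), set()
    for group, kind, rights in acl:
        if group in held:
            (allowed if kind == "allow" else denied).update(rights)
    return allowed - denied


def who_holds(right, acl, members=MEMBERS):
    """Audit helper: users (names that are not groups) who end up with `right`."""
    users = set().union(*members.values()) - set(members)
    return sorted(u for u in users if right in effective_rights(u, acl, members))


if __name__ == "__main__":
    for user in ("alice", "bob", "carol", "dave"):
        print(user, sorted(effective_rights(user, PAYROLL_SHARE_ACL)))
    print("write:", who_holds("write", PAYROLL_SHARE_ACL))
```

bob reaches the share through the nested Finance-All group but loses write because of his Contractors membership, which is the kind of result an access review should be able to reproduce.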
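
Slides 17 and 18 describe group policy as inherited, cumulative and applied in LSDOU order. The following added example (not part of the original slides) merges policy objects in that order and reports every setting that a later level changed; the GPO names and setting keys are constructed, and it assumes the standard behaviour that the last level applied wins a conflict, without modelling enforcement or blocked inheritance.

```python
# Added example: GPO names and setting keys are constructed, not real policy names.
ORDER = ("local", "site", "domain", "ou")   # LSDOU: applied first to last
RANK = {level: i for i, level in enumerate(ORDER)}

SAMPLE_GPOS = [   # deliberately listed out of order
    ("ou", "OU-Sales", {"removable_storage_allowed": True,
                        "screensaver_lock_minutes": 10}),
    ("domain", "Domain-Baseline", {"removable_storage_allowed": False,
                                   "guest_account_enabled": False}),
    ("local", "Local-Policy", {"guest_account_enabled": True,
                               "logon_banner": "Authorized use only"}),
    ("site", "Site-HQ", {"logon_banner": "HQ: authorized use only"}),
]


def in_apply_order(gpos):
    """Sort (level, name, settings) tuples into LSDOU order; reject unknown levels."""
    for level, name, _ in gpos:
        if level not in RANK:
            raise ValueError(f"{name}: unknown level {level!r}")
    return sorted(gpos, key=lambda g: RANK[g[0]])   # stable within a level


def resultant_policy(gpos):
    """Cumulative merge: every setting is kept, the last level to set a key wins."""
    result = {}
    for _, name, settings in in_apply_order(gpos):
        for key, value in settings.items():
            result[key] = (value, name)
    return result


def overridden(gpos):
    """List (key, earlier_gpo, earlier_value, later_gpo, later_value) conflicts."""
    seen, conflicts = {}, []
    for _, name, settings in in_apply_order(gpos):
        for key, value in settings.items():
            if key in seen and seen[key][0] != value:
                conflicts.append((key, seen[key][1], seen[key][0], name, value))
            seen[key] = (value, name)
    return conflicts


if __name__ == "__main__":
    for key, (value, source) in sorted(resultant_policy(SAMPLE_GPOS).items()):
        print(f"{key} = {value!r}  (from {source})")
    for conflict in overridden(SAMPLE_GPOS):
        print("override:", conflict)
```

The override list is the part worth reviewing: here an OU-level object re-enables removable storage that the domain baseline had turned off.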
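
Slides 19 and 26 distinguish a baseline of normal activity, and the expected short CPU spikes, from utilization that goes to 100% and stays there. The following added example (not part of the original slides) separates the two cases over a series of samples; the sample values, the five-sample run length and the three-standard-deviation margin are assumptions chosen for the illustration.

```python
from statistics import mean, pstdev

# Added example: both series are constructed CPU utilization percentages.
NORMAL = [12, 18, 15, 22, 17, 14, 20, 16]            # known-good window
OBSERVED = [15, 100, 19, 17, 100, 100, 21,           # short spikes
            100, 100, 100, 100, 100, 100, 18]        # six samples pegged


def build_baseline(samples):
    """Summarize a known-good window as (mean, standard deviation)."""
    return mean(samples), pstdev(samples)


def above_baseline(samples, baseline, k=3.0):
    """Indices of samples more than k standard deviations above the baseline mean."""
    mu, sigma = baseline
    return [i for i, value in enumerate(samples) if value > mu + k * sigma]


def sustained_runs(samples, threshold=100.0, min_len=5):
    """(start_index, length) of each run of at least min_len samples >= threshold."""
    runs, start = [], None
    # The trailing sentinel closes a run that is still open at the end of the data.
    for i, value in enumerate(list(samples) + [float("-inf")]):
        if value >= threshold:
            if start is None:
                start = i
        elif start is not None:
            if i - start >= min_len:
                runs.append((start, i - start))
            start = None
    return runs


if __name__ == "__main__":
    baseline = build_baseline(NORMAL)
    print("baseline mean/stdev:", baseline)
    print("samples above baseline:", above_baseline(OBSERVED, baseline))
    print("sustained saturation:", sustained_runs(OBSERVED))
```

Every spike exceeds the baseline, but only the run starting at index 7 meets the slide's "goes to 100% and stays there" condition.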