Vanessa Avalos
Cisco Networking Academy Semester 3
Chapter 8
Network Management
Network documentation is the most critical and
least performed task. Network documentation starts with your work
journal but also includes cutsheet diagrams, logical diagrams, MDF &
IDF layouts, software listings, maintenance records and security measures.
The Cutsheet
The Logical Diagram Cutsheet indicates the location, type, length
and termination type of cabling. It also includes the location
of jacks.
MDF & IDF Layout
The physical and logical layout of the MDF & any
IDFs includes:
physical rack mounts
auxiliary equipment
servers, patch panels
labels
configurations
server & workstation details about each host attached to the
network, such as make & model, drives (CD-ROM, floppy), serial
number, RAM, cards (NIC, sound card), asset tags
configuration details: IP & MAC addresses, IRQ, DMA and base
memory addresses
physical location, purchase date and warranty information
Software Listings - software configurations, operating
system,
Maintenance Records - a list of all repairs done
on all equipment. This will help predict and solve any potential
or future problems.
Security Measures - this includes only soft security
such as:
user rights, firewall support and password definitions.
Physical Security - identify how the MDF and IDFs
are locked; who has access to these rooms and why; how the hosts are
protected; who has physical access to the system.
User policies - such as what is and is not permitted,
consequences, minimum user ID and password lengths, rules for password
content, user access to resources. Make sure the network policies do not
conflict with company policies.
All the documents mentioned above create a set of network
documents for the system. This document set will allow upgrades and
maintenance to proceed in an organized manner. It can be a starting
place for upgrades, or a way to recover from a network failure.
THE DOCUMENTATION MUST BE CONTINUALLY UPDATED
Network access or network security - two parts:
1. Unauthorized access, both internal and external
2. Recover from catastrophic events
Network access starts with security:
Security measures
such as: minimum password length, maximum password age, unique passwords,
logging on at specific times.
Data recovery: Protecting Data From Loss
There are many methods to do this. Three of the
more popular methods are: tape backup, fault tolerant disks and
uninterruptible power supplies (UPS).
Tape backups are among the most common because they have
a very low expense and a large data capacity. But the data is stored
sequentially and must be recovered the same way.
There are different types of backups because backups cause
a drain on resources.
Most types work with a flag or switched archive bit.
This bit is stored in a file and turned on when the file is created or
modified. The bit turned on means that the file needs to be backed
up. After the file is stored on the tape the bit is switched off.
Most companies recommend that backups be stored off the
premises in case of fire or water damage.
Five types of backup operations:
Full Backup - all files on disk are stored to tape and
archive bit for all files turned off
Incremental Backup - backs up all files that have been
created or modified since the last full backup. It only works in
conjunction with a full backup, and any file that is created or modified
has its archive bit turned back on
Differential backup - Backs up all the files that have
been created or modified since the last full backup. The archive bit is
not reset. Each time a differential backup is done, all of the files modified
or created since the last full backup will be stored again
Copy Backup - Backs up user selected files to tape. Does
not reset the archive bit to off
Daily Backup - Backs up only the files that are modified
on the day of the backup. Does not reset the archive bit to off
The first three backup procedures are the most widely
used.
To do incremental backup
On Monday do full backup. This will turn off all archive
bits
On Tuesday do incremental backup on a separate tape.
This stores all files modified on Tuesday and resets their archive bit
This process is to be repeated for each day of the week
and each day with a separate tape
This gives a complete backup of all files modified during
that week.
An advantage of this is that it requires the least amount of time
per day, so it has the least impact on network resources.
A disadvantage is that, if you need to restore the backup,
you must first restore the full backup and then all the incremental
tapes in order, and this takes a great deal of time.
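The archive-bit behaviour and the Monday-to-Friday schedule described above, as an added example that is not part of the original notes. File names and the edit schedule are constructed; the differential restore rule (full tape plus the latest differential tape) is standard practice that the notes do not spell out.

```python
# Added example: archive-bit model of the backup types described above.
# File names and the edit schedule are constructed sample data.

def touch(files, name, day):
    """Create or modify a file: the archive bit is turned on."""
    files[name] = {"archive": True, "modified": day}

def run_backup(files, kind, today=None, selected=()):
    """Run one backup; return the sorted file names written to tape."""
    if kind == "full":
        saved = list(files)
    elif kind in ("incremental", "differential"):
        saved = [n for n, f in files.items() if f["archive"]]
    elif kind == "daily":
        saved = [n for n, f in files.items() if f["modified"] == today]
    elif kind == "copy":
        saved = [n for n in selected if n in files]
    else:
        raise ValueError(f"unknown backup type: {kind}")
    if kind in ("full", "incremental"):   # only these reset the bit
        for n in saved:
            files[n]["archive"] = False
    return sorted(saved)

EDITS = {"Tue": ["payroll.xls"], "Wed": ["memo.doc"],
         "Thu": ["payroll.xls", "new.txt"], "Fri": ["memo.doc"]}

def simulate_week(weekday_kind):
    """Full backup on Monday, then `weekday_kind` Tue-Fri, one tape per day."""
    files = {}
    for name in ("payroll.xls", "memo.doc", "logo.bmp"):
        touch(files, name, "Sun")
    tapes = {"Mon": run_backup(files, "full")}
    for day, names in EDITS.items():
        for name in names:
            touch(files, name, day)
        tapes[day] = run_backup(files, weekday_kind, today=day)
    return tapes

def restore_order(tapes, weekday_kind):
    """Tapes needed, in order, to restore the state as of the last backup."""
    days = list(tapes)
    if weekday_kind == "incremental":
        return days                     # full + every incremental, in order
    return [days[0], days[-1]]          # full + latest differential only

if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        tapes = simulate_week(kind)
        print(kind, tapes, "restore:", restore_order(tapes, kind))
```

The incremental tapes stay small but all five are needed for a restore; the differential tapes grow through the week but only Monday's and Friday's are needed.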
Redundancy Techniques: Protecting Data through fault
tolerant storage devices
This type of redundant set of devices is categorized
by RAID (Redundant Array of Inexpensive Disks) levels 0-5.
RAID 0 - Stripes data across multiple disks, no parity,
so there is no redundancy.
RAID 1 - Disk mirroring (disk duplexing) writes data to
two identical partitions on separate hard disks, thus creating an automatic
backup. Disk duplexing uses two hard disk controller cards as well as two
hard disks to prevent the controller card from being the single point of
failure for the system, as it is in disk mirroring.
RAID 2 - Writes data across multiple hard disks, with
error checking. This system is not used any more because it requires expensive
disk modifications to work.
RAID 3 - Stripes data one byte at a time and has a dedicated
parity drive. A good, but expensive redundancy choice. Because of the expense,
this solution is not used very often either.
RAID 4 - Stripes data one sector at a time and has a dedicated
parity drive. An expensive redundancy choice that is very slow on data
writes to the disk. Because of the expense and the slowness of writing,
this solution is not used very often either.
RAID 5 - Stripes data and parity across multiple disks
(at least three for RAID 5). By mixing the parity across all of the disks,
a separate parity disk is not required and yet full data redundancy is
achieved. Data writes to the disk are still slow, but the cost isn't so
high. One other important fact about RAID 5 is that on a Windows NT system
the boot and system partitions cannot be located on a RAID 5 disk array.
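How RAID 5 recovers from a lost disk, as an added example that is not part of the original notes. It assumes parity is the XOR of the data blocks in each stripe (standard for RAID 5, not stated above); the 4-byte block size and the rotation order are chosen for illustration.

```python
# Added example: RAID 5 style striping with XOR parity (illustrative layout).
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length byte blocks together, column by column."""
    return bytes(reduce(lambda a, b: a ^ b, col) for col in zip(*blocks))

def parity_disk(stripe, disks):
    """Parity moves to a different disk on each stripe (assumed rotation)."""
    return (disks - 1 - stripe) % disks

def write_raid5(data, disks=3, block=4):
    """Split data into stripes; return one list of blocks per disk."""
    if disks < 3:
        raise ValueError("RAID 5 needs at least three disks")
    per_stripe = (disks - 1) * block
    stripes = -(-len(data) // per_stripe)            # ceiling division
    data = data.ljust(stripes * per_stripe, b"\0")   # pad the last stripe
    array = [[] for _ in range(disks)]
    for s in range(stripes):
        chunk = data[s * per_stripe:(s + 1) * per_stripe]
        blocks = [chunk[i:i + block] for i in range(0, per_stripe, block)]
        blocks.insert(parity_disk(s, disks), xor_blocks(blocks))
        for d in range(disks):
            array[d].append(blocks[d])
    return array

def rebuild(array, failed):
    """Recreate every block of the failed disk from the surviving disks."""
    survivors = [disk for i, disk in enumerate(array) if i != failed]
    return [xor_blocks(stripe) for stripe in zip(*survivors)]

def read_raid5(array):
    """Reassemble the data, skipping the parity block of each stripe."""
    disks = len(array)
    out = b""
    for s in range(len(array[0])):
        p = parity_disk(s, disks)
        out += b"".join(array[d][s] for d in range(disks) if d != p)
    return out

if __name__ == "__main__":
    array = write_raid5(b"NETWORK DOCS v1")   # constructed sample data
    lost = array[1]
    array[1] = rebuild(array, failed=1)       # disk 1 replaced and rebuilt
    print(array[1] == lost, read_raid5(array).rstrip(b"\0"))
```

Any single disk can be rebuilt this way; losing two disks at once leaves too little information, which is why RAID 5 does not replace backups.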
A volume refers to a physical unit of storage. Volume
sets are used quite often in networks. They provide NO data redundancy;
they are just a way to refer to large storage areas as a single unit.
Many environmental factors can affect your network,
such as static, dust, dirt and heat.
Take precautions to protect yourself and your equipment
from static electricity, dust, dirt and excessive heat. These precautions
include:
Making sure that all of the equipment's power switches
are OFF before hooking it up;
grounding yourself before touching the inside of the
computer;
keeping the environment in which equipment is used clean
and free of contaminants;
no smoking around equipment;
keeping food and drinks away from equipment;
making sure that your work area leaves the computer's
vents open;
making sure that you place the computer on a solid support
area.
Power conditioning:
Protect your equipment from irregularities in your building's
electrical wiring. The easiest way to do this is to put it on separate
circuits in your building. This will solve some of your problems.
You can also use other devices such as:
Isolating transformers: Control voltage spikes and high
frequency noise.
Regulators: Maintain a constant output voltage despite
changes in voltage, handle brownouts and voltage surges.
Line Conditioners: A regulator with an isolating
transformer built in.
Uninterruptible power supplies: This device allows the
computer to run even if there is a power failure.
EMI and RFI
Problems with the network can actually be caused by the
equipment itself. Power supplies, monitors, fluorescent lights, large
electric motors, and electrical wiring, can cause Electro-Magnetic Interference
(EMI) and Radio Frequency Interference (RFI). These types of problems
can be very difficult to diagnose and are usually discovered by use of
diagnostic software and hardware.
Software Viruses: A type of software whose sole
purpose is to disrupt the operation of a network.
You can take some steps to avoid damage by viruses by:
Being careful about getting software without knowing
specifically where it comes from.
Being wary of other people using your computer with their
disks.
Using a current virus checker on all computers.
Network baselines:
Network performance is a measurement of a network's quickness
and reliability. Every combination of computer and network hardware, software,
and cabling will have a different network performance. In order to know
when your network is performing poorly, you must have a measurement to
compare against. This measurement is called a baseline. It is established
after the network has been installed and configured properly.
You can use this baseline to determine the health of the
network. As the network grows, periodically update it.
Always verify the operation of equipment after a move.
Peer to Peer - 10 or fewer computers, sharing
a drive with other people. Doesn't need specialized software.
Advantages are that it's cheaper to create and operate, it
allows users to control their own resources, it does not require a dedicated
server, and requires no additional software except the operating system.
Disadvantages are that it has no central point of management,
the user shares resources on their machine, and there is a limitation of
no more than ten users.
Client/server - a real network, advantages, centralized
users
Advantages: a centralized point of user, security, and
resource management; servers can provide specific resources to clients.
Also provides access to resources
Disadvantages: there is now a single point of failure,
it requires specially trained personnel to maintain the network, and special
network software and hardware add greatly to the cost, but
a client-server network is really the only choice for
businesses with more than ten users.
UNIX - The Unix operating system comes in many
variations. Unix is a multi-user operating system that supports
multiprocessing, multitasking, and multithreaded applications. The operating
system is kernel based and uses NFS.
NetWare - comes in many different versions,
uses a combination of 2 file services. The 1st is FAT (file allocation
table), which is used for DOS; the 2nd is DET (Directory Entry Table), a
proprietary Novell file system which provides for both file and directory
security on the server.
NT - just like Unix, a multi-user operating system
that supports multiprocessing, multitasking, multithreaded applications
and kernel based, uses both FAT16 and NT's own proprietary system, NTFS
(New Technology File System)
Server management and control
NOS - like an OS for networks, its main function is to
control the network. It does this by establishing network users' rights,
login accounts, profiles, policies, etc.
Network troubleshooting
The scientific method:
1. Observe some aspect of the universe
2. Invent a theory
3. Test it
4. Modify it
5. Return to step 3
6. Keep testing.
Example: User calls, can't get on the internet. Help
desk writes a report and gives it to you. Talk to the user, ask "What did
you do?" User tells you "nothing different." Check logs: computer was upgraded
last night, computer network drives incorrectly configured. Check network
neighborhood, OK. Ping server, gateway & NIC (127.0.0.1).
Decide it might be a problem with the server. Ping server from next desk,
get OK! Server is fine, backbone is fine & server connection to backbone.
Server IDF ping server, connection fine. Get new cable on patchpanel
and ping.