Network Support and Administration
Section Titles:
Managing Network Accounts | Managing Network Performance | Avoiding Data Loss
- Five management areas
- user administration
- resource management
- configuration management
- performance management
- maintenance
Managing Network Accounts |
There is a large section on creating user accounts. No sense going over this again.
Look at the Administration notes before you do the NE exam.
Here are a couple of highlights from the section:
Profiles
- used to structure a network environment for certain users
- this may be for security
- can also control the user's logon environment
- profiles include network connections and program items that appear when the user logs
on. These can include:
- printer connections
- window sizes and positions
- icons
- mouse settings
- the screen arrangement of colors
- screen savers
Rights apply to the system as a whole; permissions apply to a certain object.
Types of Groups
- Local Groups => things
- Global Groups => People
- Special Groups => internal system access -- Interactive, Network
- Built-In Groups => Administrator, Users, Operators Groups, Guests
Administrator Responsibilities
- Creating and Managing Accounts
- Security
- Training and supporting users
- Updating and implementing new software
- Archiving and data backup
- Preventing data loss
- Monitoring and regulating server storage space.
- Tuning the network
- Virus protection
- Troubleshooting
- Upgrading and replacing hardware
- Adding new computers
Security Models
Two different security models have evolved:
- Password-protected shares (share-level): each resource has a password
- there are 2 levels of passwords: Read access and Full Control Access
- Access permissions (user level): Rights are assign on a user by user basis. More
secure than the share level method.
Other Methods of Network Security
- Auditing
- audit records show the users that have accessed or attempted to access specific
resources in security log
- Diskless computers
- Data Encryption
- data can't be stolen from the cable. When the data gets to the proper PC, a key, the
code for deciphering encrypted data, decode the bits into understandable info.
- DES data encryption standard
- CCEP commercial COMSEC endorsement program
- Virus protection
- The 4 standard measures to take when protecting against viruses:
- Passwords to reduce the chance of unauthorized access
- Well planned access and privilege assignments for all users
- Profiles to structure the network environment
- a policy determining what software can be loaded
Managing Network Performance |
- Bottlenecks
- one device uses noticeably more CPU time than the others
- these devices tend to become bottlenecks:
- CPU,
- memory,
- network card,
- disk controllers,
- network media
- Windows NT Performance Monitor
- view operations in both real time and recorded time for: processors, HDD, memory,
network utilization, network as a whole
- can record the performance data
- send an alert to the network manager
- run utility that can adjust the system back into acceptable ranges
- establish a baseline of system management
- Simple Network Management Protocol (SNMP) - in a SNMP environment, programs
called agents are loaded onto each managed device. The agents monitor network traffic and
behaviour in these key network components in order to gather statistical data. This data
is stored in a management information base (MIB)
- SNMP components include: hubs, servers, interface cards, routers and bridges
- The MIB collects data and the management program
- presents the information in the form of graphs or charts AND/OR
- sends the information to database program for analysis
Total System Management
- Microsoft System Management Server (SMS)
- centralized administration of computers in a WAN
- Inventory Management - collects and maintains an inventory of hardware and
software for each computer and stored in a SQL server database, info. like RAM, CPU, HDD
size...
- Shared Application Management - shared application can also distributed to a
server for client's access
- Software Distribution
- SMS can install and configure new software or upgrade previously installed software
- Also, it can run commands on the client such as virus scans
- Remote Control and Network Monitor - provide help desk and diagnostics utilities
to control remote client directly and access to remote client
Tape Backup
UPS
- power source to run the server for s short time
- safe shutdown management service
- prevent any more users from accessing the server
- send an alert message to the network admin.
- power is restored while UPS is active, the UPS will notify users that the power has
returned
Fault Tolerant Systems - Windows NT supports Raid 0,1 and 5. For the exam, worry
only about them.
- RAID 0 - disk striping
- disk striping divides data into 64k block and spreads it equally in a fixed rate and
order among all disks in an array
- NOT FAULT TOLERANT
- RAID 1 -
- disk mirroring - actually duplicates a partition and moves the duplication onto
another physical disk
- disk duplexing - is a mirrored pair of disks with an addition disk controller on
the second drive
- The only RAID solution that can house the system files in the Boot partition
- RAID 4 - disk guarding
- one drive is a dedicated parity drive, data is striped to multiple drives and then its
parity sum is calculated, which is written to the dedicated parity drive
- works best for large block operations
- RAID 5 - striping with parity
- data is striped across multiple drives and then its parity sum is calculated, which is
also striped across multiple drives (not a dedicated parity drive)
- sector sparing - hot fixing
- automatically adds sector - recovery capabilities to the file system while the computer
is running
if bad sectors are found during disk I/O, the fault tolerance driver will attempt to move
the data to good sector and map out the bad sector - only for SCSI, not ESDI or IDE
|