Networking Essentials Notes

Section 5


Network Support and Administration

  Section Titles:

Managing Network Accounts | Managing Network Performance | Avoiding Data Loss

 

  • Five management areas
    1. user administration
    2. resource management
    3. configuration management
    4. performance management
    5. maintenance
Managing Network Accounts

 

User Administration 

There is a large section on creating user accounts. No sense going over this again. Look at the Administration notes before you do the NE exam.

Here are a couple of highlights from the section:

Profiles

  • used to structure a network environment for certain users
  • this may be for security
  • can also control the user's logon environment
  • profiles include network connections and program items that appear when the user logs on. These can include:
    • printer connections
    • window sizes and positions
    • icons
    • mouse settings
    • the screen arrangement of colors
    • screen savers

Rights apply to the system as a whole; permissions apply to a certain object.

Types of Groups

  • Local Groups => things
  • Global Groups => People
  • Special Groups => internal system access -- Interactive, Network
  • Built-In Groups => Administrator, Users, Operators Groups, Guests

Administrator Responsibilities

  • Creating and Managing Accounts
  • Security
  • Training and supporting users
  • Updating and implementing new software
  • Archiving and data backup
  • Preventing data loss
  • Monitoring and regulating server storage space.
  • Tuning the network
  • Virus protection
  • Troubleshooting
  • Upgrading and replacing hardware
  • Adding new computers

Security Models

Two different security models have evolved:

  • Password-protected shares (share-level): each resource has a password
    • there are 2 levels of passwords: Read access and Full Control Access
  • Access permissions (user level): Rights are assign on a user by user basis. More secure than the share level method.

Other Methods of Network Security

  • Auditing
    • audit records show the users that have accessed or attempted to access specific resources in security log
  • Diskless computers
  • Data Encryption
    • data can't be stolen from the cable. When the data gets to the proper PC, a key, the code for deciphering encrypted data, decode the bits into understandable info.
    • DES data encryption standard
    • CCEP commercial COMSEC endorsement program
  • Virus protection
    • The 4 standard measures to take when protecting against viruses:
      • Passwords to reduce the chance of unauthorized access
      • Well planned access and privilege assignments for all users
      • Profiles to structure the network environment
      • a policy determining what software can be loaded
Managing Network Performance 
  • Bottlenecks
    • one device uses noticeably more CPU time than the others
    • these devices tend to become bottlenecks:
      • CPU,
      • memory,
      • network card,
      • disk controllers,
      • network media
  • Windows NT Performance Monitor
    • view operations in both real time and recorded time for: processors, HDD, memory, network utilization, network as a whole
    • can record the performance data
    • send an alert to the network manager
    • run utility that can adjust the system back into acceptable ranges
    • establish a baseline of system management
  • Simple Network Management Protocol (SNMP) - in a SNMP environment, programs called agents are loaded onto each managed device. The agents monitor network traffic and behaviour in these key network components in order to gather statistical data. This data is stored in a management information base (MIB)
  • SNMP components include: hubs, servers, interface cards, routers and bridges
  • The MIB collects data and the management program
    • presents the information in the form of graphs or charts AND/OR
    • sends the information to database program for analysis

Total System Management

  • Microsoft System Management Server (SMS)
    • centralized administration of computers in a WAN
    • Inventory Management - collects and maintains an inventory of hardware and software for each computer and stored in a SQL server database, info. like RAM, CPU, HDD size...
    • Shared Application Management - shared application can also distributed to a server for client's access
    • Software Distribution
      • SMS can install and configure new software or upgrade previously installed software
      • Also, it can run commands on the client such as virus scans
    • Remote Control and Network Monitor - provide help desk and diagnostics utilities to control remote client directly and access to remote client
Avoiding Data Loss 

Tape Backup

      Method Description
      Full Backup backs up and marks selected files, whether or not they have changed since the last backup
      Copy backs up selected files without marking them as backed up
      Incremental Backup backs up and marks selected files only if they have changed since the last backup
      Differential Backup backs up selected files only if they have changed since the last backup w/o marking them as backed up

      The difference between Incremental and Differential
      IF => Incremental Fast to backup; Slow to Restore   => Marks files as backed up
          => Differential Slow to backup; Fast to Restore

UPS

      • power source to run the server for s short time
      • safe shutdown management service
      • prevent any more users from accessing the server
      • send an alert message to the network admin.
      • power is restored while UPS is active, the UPS will notify users that the power has returned

Fault Tolerant Systems - Windows NT supports Raid 0,1 and 5. For the exam, worry only about them.

      • RAID 0 - disk striping
        • disk striping divides data into 64k block and spreads it equally in a fixed rate and order among all disks in an array
        • NOT FAULT  TOLERANT
      • RAID 1 -
        • disk mirroring - actually duplicates a partition and moves the duplication onto another physical disk
        • disk duplexing - is a mirrored pair of disks with an addition disk controller on the second drive
        • The only RAID solution that can house the system files in the Boot partition
      • RAID 4 - disk guarding
        • one drive is a dedicated parity drive, data is striped to multiple drives and then its parity sum is calculated, which is written to the dedicated parity drive
        • works best for large block operations
      • RAID 5 - striping with parity
        • data is striped across multiple drives and then its parity sum is calculated, which is also striped across multiple drives (not a dedicated parity drive)
      • sector sparing - hot fixing
        • automatically adds sector - recovery capabilities to the file system while the computer is running

        • if bad sectors are found during disk I/O, the fault tolerance driver will attempt to move the data to good sector and map out the bad sector - only for SCSI, not ESDI or IDE

 


E-mail Me! Comments and suggestions? E-mail me at grantwil@sk.sympatico.ca
Last Updated: Wednesday, March 10, 1999 Grant Wilson, Tisdale, SK. Canada