1 / 18

Network Monitoring and Troubleshooting

Network Monitoring and Troubleshooting. Network Monitoring and Troubleshooting. Event Viewer-Should be the first place you look when problems arise. Task Manager Network/Performance Monitor

aman
Download Presentation

Network Monitoring and Troubleshooting

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Monitoring and Troubleshooting

  2. Network Monitoring and Troubleshooting • Event Viewer-Should be the first place you look when problems arise. • Task Manager • Network/Performance Monitor • Log Files-as with the Event Logs, log files will be located throughout the system based on the role of the system. • Ipconfig /all: displays all/most current network settings • Ping: polls other nodes to verify communication • Pathping: combines tracert and ping • Netstat: info about TCP/IP sessions • Nbtstat: server and domain names registered • Recovery Console/Automated System Recovery • Directory Restore Mode

  3. Performance Monitoring Methods • Use to examine how programs you run affect your computer’s performance, in both real time and by collecting log data for later analysis • Uses performance counters, event trace data, and configuration information, which can be combined into Data Collector Sets • Performance counters—measurements of system state or activity • Event trace data—collected from trace providers, which are components of the operating system or of individual applications that report actions or events • Configuration information —collected from key values in the Windows registry. Windows Performance Monitor can record the value of a registry key at a specified time or interval as part of a log file.

  4. Performance Monitoring Methods (continued) • The four primary objects of performance monitoring are: • Disk I/O—Disk activity will impact system performance. • Memory—Continuous access to the page file means that the system does not have enough memory (RAM). • Processor—High processor activity can signify several problems ,including inadequate processor, virus, or poorly developed application. • Network—Network performance monitoring can determine where bottlenecks may exist as well as discovering broadcast traffic.

  5. Monitor Specific System Activities • Performance Monitor provides a visual display of built-in Windows performance counters, either in real time or as a way to review historical data. • Add performance counters to Performance Monitor by dragging and dropping, or by creating custom Data Collector Sets.

  6. Monitor Specific System Activities (continued) • Enables you to add specific performance counters to the current view

  7. Monitor Specific System Activities (continued)

  8. Monitor Specific System Activities (continued) • You can select what format you wish to view the data.

  9. Create a Data Collector Set • Real-time viewing of collectors is one way to use Performance Monitor. • Once you have added a combination of performance counters to your display you can save them as a Data Collector Set. • Right-click on Performance Monitor and select NewData Collector Set

  10. View Diagnosis Reports • Expand Data Collector Sets, User Defined, and right-click on Demo and select Start. • Wait a few moments and then expand Data Collector Sets, User Defined, and right-click on Demo and select Stop. • Expand Reports, User Defined, and click on Demo, double-click on System Monitor Log.blg

  11. View Diagnosis Reports (continued) • View system defined reports. • Expand Data Collector Sets, System, and right-click on System Performance and select Start. • Wait a few moments and then expand Data Collector Sets, System, and right-click on System Performance and select Stop. • Expand Reports, System, click on the report under System Performance.

  12. Task Manager • Use to start programs, to start or to end processes, and to view a dynamic display of your computer's performance. • Start Task Manager by one of the following actions: • Press Ctrl+Alt+Delete, and then click Task Manager. • Press Ctrl+Shift+Esc. • Right-click an empty area of the taskbar, and then click Start Task Manager.

  13. Task Manager (continued) • Click the Performance tab to view a dynamic overview of the performance of your computer. • Graphs for CPU and memory usage • The total number of handles, threads, and processes that are running • The total number of megabytes (MB) that are used for physical, kernel, and commit memory

  14. Tracking Problems • Get as much info as possible • Record error message and time • Start simple • Determine if anyone else is having same problem • Check for any recent alerts • Check event logs • Use Performance Console, network monitor, IDS or Etherreal, • Check for power interruptions/surges

  15. MONITORING NETWORK TRAFFIC BY USING NETSTAT

  16. VIEWING INFORMATION BY USING NETSTAT

  17. Additional Tools • Netsh (XP/200x) • Network configuration tool • Getmac (200x/XP) • Retrieves the machine address from system including remote • Shutdown (200x/XP) • Used to shutdown/restart system including remotes. • Pathping (XP/200x) • Combines ping and tracert • RunAs Command (XP/200x) • Secondary Logon Service is required • Runas Help • Runas /user:domainname\username cmd

  18. Basic Pro-active Maintenance and Security Measures • Keep virus definitions up to date • Monitor Security Alerts. • http://www.symantec.com/avcenter/global/security/Advisories.html • http://www.microsoft.com/security • Ensure physical security. Place servers in secure, locked rooms/racks. Disable USB/Floppy at workstations if possible. • Keep up-to-date with service packs, critical updates and hot fixes for all operating systems. • Keep current with latest security technologies and concerns at Use NTFS on all partitions, and encrypt sensitive data with EFS • Use strong passwords/passphrases • Limit the number of users with administrative privileges • Use secondary logon in Windows • Enable auditing (logon validations, security changes) • Keep up with the group memberships • Secure remote connections by using Extensible authentication protocol, callback, caller ID or VPN technologies.

More Related