280 likes | 356 Views
Network Management. Semester 3, Chapter 8 Allan Johnson. LAN Management. This chapter deals mainly with the management of LANs. Although the content is not covered on the CCNA exam, it is covered on the Comp TIA Net+ exam.
E N D
Network Management Semester 3, Chapter 8 Allan Johnson
LAN Management • This chapter deals mainly with the management of LANs. Although the content is not covered on the CCNA exam, it is covered on the Comp TIA Net+ exam. • In addition, network management is when the real work begins for a net admin. • Topics covered include: • Documentation • Security • Network Performance • Server Administration • Troubleshooting
Documentation • Documenting the network, including: • Cut sheet diagrams • MDF & IDF layouts • Server/workstation configurations • Software installed • Maintenance records • Security & user policies ...is the most critical component of good network management. • Documentation is also the least implemented component of network administration.
MDF & IDF Layouts • The Physical and Logical layouts of all wiring closets includes: • physical location of rack mounts, equipment and servers • patch panel labeling scheme for identifying cable terminations • Configuration details of all equipment
Server/Workstation Configurations • Includes details about: • Hardware specifications • Make & model • Number & type of drives • Cards installed • Physical location & Logical addressing • IP and MAC address • Subnet • Topology • Purchase date and warranty information
Software & Maintenance Records • Software listings include: • All software installed on each computer • The standard configuration used for each type of workstation • Operating system information • Maintenance records assist net admin to anticipate potential problems and include: • All repairs and upgrades made to a computer
Security & User Documents • Physical Security • How are MDFs & IDFs locked • Who has access to MDFs & IDFs • How are host devices protected (security cables, etc.) • Soft Security • User policies & rights outlining what is and what is not permissible on the network • Password protection • Firewall support
Security • Network security includes two major components: • Controlling Access • Data Protection and Recovery
Access • The network policy established during the documentation phase determines the criteria used to select passwords, such as: • password length • aging of passwords • time of day access is allowed • Acceptable Use Policies make sure users are aware of the company’s definition of what is allowed and not allowed on the network. It also normally includes consequences for violation of the policy.
Data Recovery • Data recovery, the second component of security, involves protecting data from loss • Methods for protecting data include: • Tape backup • Fault tolerance • Controlling Environmental Factors • Power Conditioning • Preventing Virus Corruption
Tape Backup • Magnetic tapes are the most popular media used for backing up data because of the cost and capacity. • They are much cheaper than removable hard drives • Tape backups record and restore data sequentially. • This can make it difficult to find a particular file. However, tape backups are used to fully restore all lost data. • Most Tape Backup systems use an archive bit set to on or off. If the bit is on, then the data has been changed since the last backup.
Types of Tape Backup Systems • Several options are available when using tapes. • Full backup--all files are backed up periodically • Incremental and Differential backups--uses an archive bit to determine if a file has been created or modified since the last full backup • Copy backup--backs up user selected data to tape • Daily backup--backs up data created or modified for that day
Fault Tolerance • Fault tolerance involves establishing redundancy techniques to keep a system up and running when a failure occurs. • RAID (Redundant Array of Inexpensive Disks) • RAID 0--stripes data across multiple disk; no redundancy • RAID 1--(mirroring) provides redundancy by writing all data to two or more drives • RAID 2--no longer used because of expense • RAID 3/4--stores parity on one disk; 3 stripes at the byte level and 4 stripes at the block level across remaining disks. • RAID 5--similar to 3/4 but stripes data with parity across multiple drives. Requires at least 3 drives. 5 drives is ideal.
Environmental Factors • Electrical Static Discharge can approach 20,000 volts and fry sensitive computer components • Protect against by grounding yourself using grounding strap before working on computers • Dust and dirt should be avoided. Periodically clean keyboards, monitors, and towers • Avoid excessive heat • Follow TIA/EIA 568A standards to avoid EMI and RFI noise • For example, Shielded Twisted Pair (STP) cable is a possible solution to prevent EMI/RFI corruption of data.
Power Conditioning • Power conditioning is the process of implementing procedures to control the power supplied to your network. They include: • Isolating Transformer--to control voltage spikes and high frequency noise • Regulators--to maintain a constant level of voltage • Line Conditioner--an isolating transformer/regulator combination. • Uninterruptible Power Supply--maintains a charged battery to supply voltage to devices in the event of a power failure.
Software Viruses • Preventing software viruses is the final topic under network security. Types include: • Worm--a program that spreads across computers and usually reproduces copies of itself in a computer’s memory • Virus--a program that usually has a negative effect on executable programs • Trojan Horse--destructive program disguised as a game, utility or other application • Preventing viruses includes... • Know where your data is coming from • Avoid allowing others to use floppies on your computer • Maintain updated virus checking software
Monitoring the Network • Part of documenting the network is establishing baselines for the various performance issues including... • Bandwidth utilization • Collision counts • Broadcast traffic • A baseline sets the acceptable performance of the network, but must be updated as the network is updated or expanded.
Types of Networks • Peer-to-Peer Networks • Also known as a Workgroup Network, it is designed for a small number of users. • No more than 10 devices should be on one peer-to-peer network. • Advantages: relatively easy to configure, users control resources, no dedicated server needed • Disadvantages: no central management • Client-Server Networks • Uses a dedicated server running a NOS to control resources and manage the network.
Types of Client-Server NOSs • UNIX • Open standard with proprietary versions offered by HP, IBM, and Sun (among others) as well as a free versions (FreeBSD and Linux). • Multi-user, multi-tasking environment using NFS security. • Kernel based which isolates the hardware layer from improperly operating applications.
Types of Client-Server NOSs • NetWare • various versions as discussed in Ch. 7 • uses two file services: FAT and DET • Windows NT/2000/2003 • uses domains to control services with Domain Controllers and Active Directory. • Similar to UNIX except uses a different file system structure
Scientific Method • Network troubleshooting is a systematic process that uses the scientific method: • Identify the network/user problem • Gather data about the network/user problem • Analyze data and come up with possible solutions • Choose and implement best solution • Evaluate solution’s success and modify data collected, if necessary • If problem still exists, return to Step 3.
Typical Troubleshooting Scenario • User calls and says he can’t access the network (problem identified). • Gather data by asking the user questions, checking logs, and hardware configurations. • Analyze the data collected to determine possible solutions. Check the physical layer by pinging the user. If unsuccessful, ping the NIC from the the user’s computer using the loopback address: 127.0.0.1. Continue to ping along the network to find problem. If no problem, then check software.
Typical Troubleshooting Scenario • Implement the best solution to solve the problem. • Evaluate the implemented solution to see if the problem has been solved. If not, return to Step 3.