Transcript Chapter 13
Chapter 13: LAN Maintenance Documentation • Document your LAN so that you have a record of equipment location and configuration. Documentation should include network maps, configuration information, and baseline performance data. • You should be able to easily locate which switch port a particular network point corresponds to. Remember to remove the patch cable from the switch if a network point is no longer in use. • You should be aware of which hardware device drivers are required for computers. Download and store device drivers somewhere safe, so that they are easily accessible when needed. Baselines • Monitor server performance during normal working hours. What is the average processor usage? What is the average disk read/write activity? • Monitor network performance during normal hours. What percentage of the network bandwidth is being used? What percentage of traffic on the network is broadcast frames as opposed to unicast frames? • Keep these statistics and refer back to them regularly. If necessary, you can use historical trends (for example: increasing use of network bandwidth over time) as a convincing argument to management for new equipment purchases. Data Retention Policies • When designing a data retention policy, you should address the following questions. How long should your company store e-mail? • In legal cases, past e-mail can be subpoenaed. Many organizations now have a policy where by e-mail is deleted after a certain amount of time from the mail server. Should your organization keep archival backups? How long should files that are no longer accessed be kept before they are deleted from your file server’s HDD? Patch Management • Vendors regularly produce updates, hotfixes, and service packs for operating systems. • These updates should be tested in a limited environment before they are deployed to all computers on the LAN. It might be that a particular update has undocumented side effects that render a system unusable. • Monitor vendor security bulletins for information about issues that might influence the computers on your LAN. • Balance the need to update regularly with the impact on users of constantly updating computers with new fixes. Windows Update Services Microsoft’s freely available Windows Update Services allow a single server on the LAN to distribute patches to all computers on the network. This reduces network traffic as a patch needs to be downloaded from the Internet only once, rather than to each specific computer. patch deployed many times across LAN patch downloaded once From Internet Create Images • Disk imaging software allows you to create an exact copy of an operating system and all of its installed applications. • Rather than attempting to troubleshoot a computer that has a mysterious fault, you can simply re-image it back to default configuration. • When using imaged computers, ensure that users store all their data on file servers. • If using Windows operating systems, remember that you will need to alter the unique SID using a utility like newsid before you can join the computer to the domain. • Windows XP introduces restore points, which allows you to roll back an operating system to a previous point in time. SNMP • Simple Network Management Protocol can be used to monitor and manage network components, from routers to servers. • An SNMP agent resides on a host and gathers information. • An SNMP management application polls SNMP agents and collates the information for analysis and alerts. • SNMP management applications can be configured to send an e-mail alert or even to SMS a mobile phone in the event of a network failure. Summary • You should keep up-to-date documentation of your organization’s network map, baseline performance, and hardware configuration. • A baseline should include both server and network performance. • You should keep up to date on hotfixes and patches. Test them on a small group of computers before deploying them to all hosts on the LAN. • Centralized patch management allows you to deploy patches centrally, rather than manually installing them on each computer. • Disk images allow you to quickly restore a corrupted operating system. Discussion Questions What statistics should you monitor when generating a baseline? What advantages are there to using centralized patch management such as Windows Update Services? What advantages are there to using disk imaging? What is the difference between an SNMP agent and an SNMP management application?