Transcript Chapter 13

Chapter 13: LAN Maintenance
Documentation
• Document your LAN so that you have a record of equipment
location and configuration. Documentation should include network
maps, configuration information, and baseline performance data.
• You should be able to easily locate which switch port a particular
network point corresponds to. Remember to remove the patch
cable from the switch if a network point is no longer in use.
• You should be aware of which hardware device drivers are
required for computers. Download and store device drivers
somewhere safe, so that they are easily accessible when needed.
Baselines
• Monitor server performance during normal working hours.
What is the average processor usage?
What is the average disk read/write activity?
• Monitor network performance during normal hours.
What percentage of the network bandwidth is being used?
What percentage of traffic on the network is broadcast frames as
opposed to unicast frames?
• Keep these statistics and refer back to them regularly. If necessary,
you can use historical trends (for example: increasing use of
network bandwidth over time) as a convincing argument to
management for new equipment purchases.
Data Retention Policies
• When designing a data retention policy, you should address
the following questions.
How long should your company store e-mail?
• In legal cases, past e-mail can be subpoenaed. Many
organizations now have a policy where by e-mail is deleted
after a certain amount of time from the mail server.
Should your organization keep archival backups?
How long should files that are no longer accessed be kept
before they are deleted from your file server’s HDD?
Patch Management
• Vendors regularly produce updates, hotfixes, and service
packs for operating systems.
• These updates should be tested in a limited environment
before they are deployed to all computers on the LAN. It
might be that a particular update has undocumented side
effects that render a system unusable.
• Monitor vendor security bulletins for information about
issues that might influence the computers on your LAN.
• Balance the need to update regularly with the impact on users
of constantly updating computers with new fixes.
Windows Update Services
Microsoft’s freely available Windows Update Services allow a
single server on the LAN to distribute patches to all computers
on the network. This reduces network traffic as a patch needs
to be downloaded from the Internet only once, rather than to
each specific computer.
patch deployed
many times
across LAN
patch downloaded once
From Internet
Create Images
• Disk imaging software allows you to create an exact copy of an
operating system and all of its installed applications.
• Rather than attempting to troubleshoot a computer that has a
mysterious fault, you can simply re-image it back to default
configuration.
• When using imaged computers, ensure that users store all their data
on file servers.
• If using Windows operating systems, remember that you will need
to alter the unique SID using a utility like newsid before you can
join the computer to the domain.
• Windows XP introduces restore points, which allows you to roll
back an operating system to a previous point in time.
SNMP
• Simple Network Management Protocol can be used to
monitor and manage network components, from routers to
servers.
• An SNMP agent resides on a host and gathers information.
• An SNMP management application polls SNMP agents and
collates the information for analysis and alerts.
• SNMP management applications can be configured to send
an e-mail alert or even to SMS a mobile phone in the event
of a network failure.
Summary
• You should keep up-to-date documentation of your organization’s
network map, baseline performance, and hardware configuration.
• A baseline should include both server and network performance.
• You should keep up to date on hotfixes and patches. Test them on a
small group of computers before deploying them to all hosts on the
LAN.
• Centralized patch management allows you to deploy patches
centrally, rather than manually installing them on each computer.
• Disk images allow you to quickly restore a corrupted operating
system.
Discussion Questions
 What statistics should you monitor when generating a
baseline?
 What advantages are there to using centralized patch
management such as Windows Update Services?
 What advantages are there to using disk imaging?
 What is the difference between an SNMP agent and an
SNMP management application?