Embed Size (px)
DESCRIPTION
Citation preview
Chapter Thirteen
Maintaining
and Upgrading
a Network
Keeping Track Establish the baseline for your network
Baselining Practice of measuring and recording a
network’s current state of operation System’s performance may begin to
degrade, sometimes gradually at other times dramatically. Compare baseline observation to current
system behavior.
Keeping Track
Asset management System of identifying and tracking the hardware
and software on your network Record information about how your network is set
up and why Physical network layout Documentation on licensing agreements
Change management Use your change management system to record
any changes resulting from network maintenance or upgrades
Software Changes
General steps for software changes Determine whether the change is necessary
Research the purpose of the change and its potential effects on other programs
Determine whether the change should apply to some or all user and whether it will be distributed centrally or machine-by-machine
If you decide to implement the change, notify system administrators, help desk personnel, and users
Make sure that people get appropriate training
Software Changes
General steps for software changes (cont.) Back up current system or software before
making any modifications Prevent users from accessing the system or
part of the system being altered Keep the upgrade instructions handy and
follow them during installation of the patch or revision
Make the change
Software Changes
General steps for software changes (cont.) Test the system fully after the change, preferably
using the software as a typical user would If the change was successful, re-enable access to
the system; if unsuccessful, revert to previous system version of the software
Inform system administrators, help desk personnel, and users when the change is complete
Record the change in the change management system
Software Changes
Patch Improvement or enhancement to a
particular piece of a software program May be released to fix major bugs in the
original program Bug--Flaw in a software program that causes
some part of the program to malfunction Service pack
Term Microsoft uses for its significant patches for Windows NT Server and Windows 2000
Software Changes
Upgrade Major change to existing code May or may not be offered free from a
vendor In general, upgrades are designed to
add functionality and fix bugs
Software Changes
Application upgrades Represent modifications to all or part of a
program that are designed to enhance functionality or fix problems related to software
Apply to software shared by clients on the network
For example, an upgrade of the database program used to store all the client records
Network Operating System Upgrades
Considerations for NOS upgrade Affect on user IDs, groups, rights, and policies Affect on file, printer, and directory access on the
server Affect on applications or client interactions on
the server Affect on configuration files, protocols, and
services running on the server
Network Operating System Upgrades
Considerations for NOS upgrade (cont.) Affect on the server’s interaction with other
devices on the network Accurately testing the upgrade software in
simulated environment Taking advantage of the new operating
system to make your system more efficient Having resources available during upgrade
process to address any problems
Network Operating System Upgrades
Considerations for NOS upgrade (cont.) Allot enough time to perform the upgrade Ensure that users, help desk personnel, and
system administrators understand how the upgrade will affect their daily operations and support burdens
Training What’s new memos/emails
Steps for NOS Upgrade
Research Proposal Evaluation Training Pre-implementation Implementation Post-implementation
Reversing a Software Upgrade
Backleveling Process of reverting to a previous version of
software after attempting to upgrade it Use the operating system uninstall feature (if
available) Restore from backups
Hardware and Physical Plant Changes
Guide for changing network hardware Determine whether the upgrade is necessary If possible, back up the current hardware’s
configuration Let people that will be affected know that you are
making the change, when, and why After change, test the hardware to insure that it is
fully operational before allowing users to access Record the change
Adding or Upgrading Equipment
Networked workstation Networked printer Hub Server Switches or routers
Adding or Upgrading Equipment
The best way to safely gain experience with adding, upgrading, or repairing devices is to experiment with devices that are not currently used on a network
Bear in mind that adding a new processor to a server, a new NIC to a router, or more memory to a printer may affect your service or warranty agreement with the manufacturer
Cabling Upgrades andBackbone Upgrades
Cabling upgrades May require significant planning and time
to implement, depending on the size of your network
Backbone upgrades The most comprehensive and complex
upgrade involving network hardware
Reversing Hardware Changes
As with software changes, you should provide a way to reverse the hardware upgrade and reinstall the old hardware if necessary
Keep the old component safe, as you not only might you need to put it back in the device, but you might also need to refer to it for information
Managing Growth and Change
Factors that might influence currently developing trends in networking technology Faster data transmission and greater accessibility will
bring network access to more people in less time Increasing compatibility between vendors Open standards will make networking careers less
specialized and probably more interesting Smarter devices will contribute to each of the above
trends, enabling the development of faster, more open standards and providing greater accessibility
Researching Network Trends
Magazines, industry associations, colleagues, Internet
Newsgroups on the Web can provide valuable information, too
Chapter Fourteen
Ensuring Integrity
and Availability
What Are Integrity and Availability?
Integrity Reliability and accuracy of a network’s
programs, data, services, devices, and connections
Availability Refers to how consistently and reliably a
system can be accessed by authorized personnel
Guidelines for Protecting Your Network
Prevent anyone other than a network administrator from opening or changing the system files
Monitor the network for unauthorized access or change
Process of monitoring a network for unauthorized access to its devices is known as intrusion detection
Record authorized system changes in a change management system
Guidelines for Protecting Your Network
Install redundant components Situation in which more than one component is installed and
ready for use for storing, processing, or transporting is referred to as redundancy
Perform regular health checks on the network Monitor system performance, error logs, and the
system log book regularly Keep backups, boot disks, and emergency repair
disks current and available Implement and enforce security and disaster recovery
policies
Virus
Program that contains code that may cause the loss of data replicates itself so as to infect more
computers Trojan horse
Program that is disguised itself as something useful but actually harms your system
Types of Viruses Boot sector viruses
Reside on the boot sector of a floppy disk and become transferred to the partition sector or the DOS boot sector on a hard disk
Macro Viruses Take the form of a word-processing or
spreadsheet program macro File infected viruses
Attach themselves directly to the file
Types of Viruses
Network viruses Propagate themselves via network
protocols, commands, messaging programs, and data links
Worms Technically not viruses, but rather
programs that run independently and travel between computers across networks
Virus Characteristics
Encryption Format that virus checker can’t read
Stealth Hide within a program
Polymorphism Change themselves as they move from system to
system Time-dependence
Only activate on a particular date
Antivirus Software
Symptoms of a virus Unexplained increases in file sizes Programs launching, running, or exiting more
slowly than usual Unusual error messages appearing without
probable cause Significant, unexpected loss of system memory Fluctuations in display quality
Antivirus Software
Functions your antivirus software should perform Signature scanning
Comparison of a file’s content with known virus signatures in a signature database
Integrity checking Method of comparing current characteristics of files and
disks against an archived version of these characteristics to discover any changes
It should detect viruses by monitoring unexpected file changes or virus-like behaviors
Antivirus Software
Functions your antivirus software should perform (cont.) Receive regular updates and modifications
from a centralized network console Consistently report only valid viruses,
rather than reporting “false alarms”
Antivirus Policy
General guidelines for an antivirus policy Every computer in an organization should be
equipped with virus detection and cleaning software that regularly scans for viruses
Users should not be allowed to alter or disable the antivirus software
Users should know what to do in case their antivirus program detects a virus
Users should be prohibited from installing any unauthorized software on their systems
Organizations should impose penalties on users who do not follow the antivirus policy
Virus Hoaxes
False alert about a dangerous, new virus that could cause serious damage to your workstation
Usually have no realistic basis and should be ignored
Fault Tolerance
Capacity for a system to continue performing despite an unexpected hardware or software malfunction
Fault tolerant systems provide redundancy or duplication of critical components
Fault Tolerance Fail-over
Process of one component immediately assuming the duties of an identical component
Hot swappable Identical components that automatically
assume the functions of their counterpart if one suffers a fault
Single point of failure Point on a network where, if a fault occurs, the
transfer of data may break down without possibility of an automatic recovery
Environment and Power
Environment Analyze the physical environments in which your
devices operate How well are your critical network components
protected from environmental hazards Power
Whatever the cause, networks cannot tolerate power loss or less than optimal power
Surge Line noise Brownout--Also known as a sag Blackout
Uninterruptible Power Supply (UPS)
Battery-operated power source directly attached to one or more devices and to a power supply
Standby UPS--Switches instantaneously to the battery when it detects a loss of power from the wall outlet
Online UPS--Uses the A/C power from the wall outlet to continuously charge its
battery, while providing power to a network device through its battery
Factors in Choosing a UPS
Amount of power needed A volt-amp (VA) is the product of the voltage and
current of the electricity on a line Period of time to keep a device running Line conditioning—surge and line noise
protection Cost
Low-end --$50-$300 Higher-end--$200-$3000
Generators
If your organization cannot withstand a power loss of any duration, consider investing in an electrical generator for your building
Gas or diesel powered Cost for industrial-type--$10,000-1M+
Redundant Topologies
FDDI and SONET Topology
Dual rings provide fault tolerance
Mesh or Hybrid Mesh Topology Provide redundant connections
between network components
Redundant Storage—RAID
Redundant Array of Inexpensive (or Independent) Disks A group of hard disks is called a disk array
A sophisticated means for dynamically duplicating or storing data using several physical hard drives
Provides fault tolerance for data There are several levels of RAID
0, 1, 5 are the levels most commonly used in Windows-based networks
RAID Level 0—Disk Striping
Simple implementation of RAID in which data are written in 64 KB blocks equally across all disks in the array
No duplication of data--not actually fault tolerant because if one of the disks fails, you will still lose all your data
Requires a minimum of two drives and can support up to 32 Fast because data can be written to multiple drives
simultaneously
RAID Level 1—Disk Mirroring
Data from one disk are copied to another disk automatically as the information is written
Makes an exact copy of a partition on one hard disk to a partition on another hard disk
RAID Level 5—Disk Stripping with Distributed Parity
Data are written in small blocks across several disks Includes error correction information (parity) so that if one of
the disks fails the lost data can be recovered from the other disks
Requires at least 3 partitions of the same size. Each partition should be on a different hard disk.
Server Mirroring andServer Clustering
Server mirroring Fault tolerance technique in which one server
duplicates the transactions and data storage of another
Servers must be identical machines; same processor, same type/size hard disk(s), etc.
Can slow network performance Server clustering
Fault tolerance technique that links multiple servers together to act as a single server
Data Backup
Copy of data and program files created for archiving purposes
Backups should be stored in a safe, fireproof location
Good idea to store off site Backing up can generate
high network traffic Pick a time when there is
little or no network traffic
Tape Backups
Questions to ask when selecting the appropriate tape backup solution for your network
Does the backup drive and/or media storage capacity? Are the backup software and hardware reliable? Does the backup software use data error checking
techniques? Is the system quick enough to complete the backup
process before daily operations resume? How much do the tape drive, software and media cost? Will the backup hardware and software be compatible with
existing network hardware and software? Does the backup system require frequent manual
intervention?
Backup Strategy
Questions to ask in developing a backup strategy What kind of rotation schedule will backups follow? At what time of day or night will the backups occur? How will you verify the accuracy of the backups? Where will backup media be stored? Who will take responsibility for ensuring that backups
occurred? How long will you save backups? Where will backup and recovery documentation be
stored?
Backup Strategy Methods
Full Backs up all selected files
Incremental backup Backs up data that have changed since the
last backup (full or incremental)
Differential backup Backs up data that have changed since the
last full backup
Disaster Recovery
Process of restoring critical functionality and data after enterprise-wide outage that affects more than a single system or limited group of users
Must take into account the possible extremes, rather than relatively minor situations
Pertinent Issues to a Data Recovery Plan
Contact names for emergency coordinators who will execute the disaster recovery response
Details on which data and servers are being backed up, how frequently backups occur, where backups are kept, and how backup data can be recovered in full
Details on network topology, redundancy, and agreements with national service carriers
Regular strategies for testing the disaster recovery plan
Plan for managing the crisis
