LAN Administration

w.lilakiatsakun

Goals

Keeping the network operating properly

Making sure the needs of users are addressed in a timely manner, including hardware and software upgrades

The LAN administrator must have appropriate tools to accomplish a number of specific tasks

Console and agent

The console is the workstation that is set up to view information collected by the agents

The agents are special programs that are designed to retrieve specific information from the network.

Management function (1/2)

View and manipulate network data Automate file distribution Maintain hardware inventory Manage installed software, including

application usage Receive notification of network events Establish and manage network printer

support

Management function (2/2)

Automate network process such as back up and virus detection

Monitor disk and file usage Create task lists Work with text files Establish and maintain security Manage storage Etc

Agent’s Tasks

Performance management Application management Fault management Capacity planning and reporting Web traffic management Security management

Performance management (1/4)

Help manager understand typical network behavior and normal periods

To build a network performance profile, the following capabilities are needed :

Baselining and network trending Identify the true operating envelope of

network To see whether service level objectives are

met and reveal out-of-norm conditions.

Performance management (2/4)

Application usage and analysis To discover important performance

information on a real-time or historical basis Identify the overall load of the network

traffic What time of the day certain applications load

the network Which application are running between critical

clients and servers What their load is throughout the day, week and

month

Performance management (3/4)

Client-server performance analysis To help network manager define and

adhere to client-server performance objectives

Identify the following which servers may be over utilized Which clients are consuming server resources What applications or protocols they are running Etc

Performance management (4/4)

Internetwork perspective To show how certain applications use the

critical interconnect paths and define normal WAN use for the applications.

Identify traffic rates between subnets so the network manager can find out which nodes are using WAN links to communicate

Data correlation To determine which nodes are contributing

to the network load at peak point in time

Application management To understand the source of application

response time problems : network, application, server component Troubleshooting can be accomplished faster

Agents can be installed on clients as well as application servers

Monitor transaction that crosses the user desktop, traversing networks application servers, and database servers.

Fault management (1/3) Decrease the negative impact on user

productivity Packet interrogation

Isolate the actual conversation that is causing the network problem

Data correlation Use historical data available that provides

views of key network metrics at the time of the fault

What was the overall error/packet rate and the type of error that occurred

Fault management (2/3) What applications were running at the time of

the fault? Which servers were most active? Which clients were accessing these active

servers and which applications were they running?

Identification of top error generators Identify the network nodes that are generating

the faults and contributing to problems such as bottlenecks caused by errors and network downtime

Fault management (3/3) Immediate fault notification

Manager can instantly learn when a problem is occurring

Proactive alarms help detect and solve the problem as it is happening

Automated resolution procedures Intelligent agents can be configured to

automatically fix the problem when it is occurs

The agent can be programmed to email or notify help desk with instruction on how to solve the problem

Capacity planning and reporting (1/3)

To help in delivering sustainable network service levels to end users

Also, provide documented proof to management and organizations that pay for services

To make decisions about future network configurations

Capacity planning and reporting (1/3)

The following capabilities should be used Baselining

Allows the networks manager to determine the true operating performance of the network by comparing performance at various times

Load balancing Allows the networks manager to compare

internetwork service objectives from multiple sites at once to determine which subnets are over or underutilized

Capacity planning and reporting (2/3)

Protocol/application distribution Help the network manager understand

which applications have outgrown which domains or subnets

Which applications are taking up more precious bandwidth and resources

Host load balancing Allows the network manager to obtain a list

of the top network-wide server and clients using mission-critical applications

Capacity planning and reporting (3/3)

Traffic profile optimization To best guarantee service-level

performance, the ability of network managers to compare actual network configurations against proposed configurations is crucial

Traffic profiles can be developed that allow what-if scenarios to be put together and tested before incurring the cost of physical

Security management (1/3)

To help discover holes in network security by continuously monitoring network access with the following capabilities

Monitor effects of firewall configurations By monitoring post firewall traffic, the network

manager can determine if the firewall is functioning properly

Show access to and from secure subnets/ server By monitoring access from internal and external sites

to secure data centers or subnets, the network manager can set up security service-level objectives and firewall configurations based on the finding

Security management (2/3)

Trigger packet capture of network security signatures Issue alarms and automatically capture

packets upon the occurrence of external intrusion or unauthorized application access

Show access to secure servers and nodes with data correlation This capability reveals which external and

internal nodes are accessing potentially secure servers or nodes and identifies which applications they are running

Security management (3/3)

Show applications running on secure nets with application monitoring This capability evaluates applications and protocol

use on secure networks or traffic components to and from secure nodes.

Watch protocol and application use throughout the enterprise This capability allows the network manager to

select applications or protocols for monitoring by the intelligent agent so that the flow of information throughout the enterprise can be viewed

Automating Software Distribution (1/3)

A growing population of PCs and workstations deployed across widely dispersed geographical locations

Software has become more complex and difficult to install and maintain

Tools to ease complex tasks is software distribution agent e.g. System Management Server 2003 (SMS ,Microsoft)

Automating Software Distribution (2/3)

A file distribution job can be defined as software installations and upgrades, start-up file updates or file deletions.

The agent can be set up to collect file distribution information

The console allows the administrator to review status data such as which workstations are set up for file distribution The stations to which files have been distributed The number of station waiting for distribution

Automating Software Distribution (3/3)

Before automated file distributions are run the hardware inventory agent (Windows Management Instrumentation, WMI ) is usually run to check for resource availability including memory

and disk space Periodically, a scan is performed on all disk

drives To maintain an accurate inventory of software Enforce vendor license agreements Check for unauthorized copies of software

Monitoring file use A file agent is used to collect data about file

access such as which files are being accessed and by whom.

Help LAN administrator maintain network security

The file agent monitors access to specific files and provides the following Who accessed the files The complete path for the file When the files were accessed and for how long What operations were performed : read /write /copy The ID of the person accessing the files

Virus Scanning

Viruses on computers can result in the destruction of important data and cause days of lost productivity

Anti-virus products are often server based which means that virus protection can be extended to every workstation

http://anti-virus-software-review.toptenreviews.com/

Printer management There are 2 tasks associated with providing

network printer support One is the print manager data viewer which is

used by the LAN administrator to establish and maintain printer support

The other is print manager queue management which automates the process of printer setup and selection for all network users

Print manager plus / print server (windows server) / Paper cut and etc

Reference from http:// www.papercut.biz

Storage management

Monitoring disk use Disk monitor agent scans the server volumes

to collect disk use information Hierarchical storage management

Files will be archived according to certain criteria

Storage area network To achieve better performance, availability,

manageability and security of data storage. Outsourcing storage management

Monitoring disk use One or more the following categories of

information can be collected Volumes: Date and time data was collected, server

name, volumes scanned, capacity, total space used and available

Directories: Date and time data was collected, server volume and directory names, creation date and time, file count directory size (in bytes), owner name, groups to which owner is a member

Directory and file owners: Date and time data was collected, server and volume names, groups to which owner is a member, total number of files, total space used

Hierarchical storage management

When disk space becomes exhausted , data files need to be backup (as archived file or back up tape)

With the right tools, user are assured of having enough disk space to accommodate new files

When a file system reaches a predefined threshold of X percent full, automated procedure are initiated that determine which

files are eligible for archive and are currently backed up The file catalog is then updated to indicate that files

have been archived and deletes them from the disk file system

Storage Area Network (1/2)

With the rapidly increasing volume of mission-critical information, companies are demanding

better performance, availability manageability and security of their data storage assets

Thus SAN is needed ,it is a special network that enables fast reliable access among servers and external or independent storage resources regardless of physical location

Decoupling storage from computers, workstation and server and taking storage traffic off the operation network

Storage Area Network (2/2)

A SAN carries I/O traffic only between servers and storage devices it does not carry any application traffic,

which eliminates the bottlenecks associated with using a single network fabric for all applications.

The move to SAN provides organizations new level of scalability Greater degree of flexibility than network –

attached storage paradigm (implementing and managing)

Outsourcing Storage management

Data storage and management may not be core competencies

New class of supplier called the storage service providers (SSP) are available.

(SSP) is a company that provides computerstorage

space and related management to other compani es.

SSPs typically offer periodic backup and archiving EX. SSP companies are StorageNetworks and Man

aged Storage International.

Process scheduling (1/2) A scheduler agent is an application used to

organize and run jobs Task scheduler (windows) Cron (Linux)

LAN admin can use a scheduler agent to run specific jobs at a certain time. Back up process at 2 a.m.

The scheduler agent can also provide job completion information such as whether or not the job ran successfully, when it ran and the next time it is scheduled to run

Process scheduling (//2)

The following are some examples of routine jobs Perform backup Run a virus scan Process over night mailings Perform file copying and distribution Process reports Send network messages

Tracking Network Activity (1/2)

The ability to network activity allows the LAN admin to ensure the effectiveness and efficiency of network services.

An event manager agent is used to track network activity, log network activity and automatically alert Running job Logging in and out of the network Accessing application

Tracking Network Activity (2/2)

The notification feature can be set to alert the LAN admin Email message Pager message (obsolete) or SMS

Some monitoring tools use intelligent agents to gather protocol and activity data on LANs. For traffic analysis billing and report generation Alert for predefined traffic thresholds on a

particular LAN segment

Integrated help desk Some LAN admin packages include a help desk

but many do not With the integrated approach

users can generate their own trouble tickets and send them directly to the help desk via email

Trouble tickets can be generated automatically when certain event occur

The LAN admin has access to all trouble tickets, call histories and support procedure documents

The proper integration of help desk functions to the LAN admin ‘s console can reduce cost of network support (50% of TCO over 5 year)