Upload
samantha-osmon
View
228
Download
0
Tags:
Embed Size (px)
Citation preview
Managing A Network
Managing
• Why?
• Who – Network Manager / Network Administrator
• Credentials– MSCE, CNE
– Sun Certified System Administrator Solaris
– Sun Certified Network Administrator Solaris
Managing
• Systems– Clients, Servers, Network Hubs, Routers,
Remote Access Devices, Printers, etc.– Users– Interfacing with other organizations– Audits, backups– Software updates
Server Managing
• Hardware Issues– CPU Power & Number– Memory– Hard Disks, size, type, storage architecture
• SCSI, IDE
• Striping, Mirroring, Raid
Managing Servers
• Busy disks or printers store information in queues, (memory or disk space)
• Disks use an area know as swap space as if it were memory, when memory gets filled.– Free disk space is critical to good performance
• Fragmentation is another concern
Managing Servers
• Drives need to be defragmented routinely
• Drives need to be scanned for bad sectors as numerous writes and re-writes damage the media.
Managing Servers
• Memory– Memory gets sub-divided into page frames– Programs and information are loaded as needed
• Paging
• Look ahead capability
• Page fault occurs when the machine can’t load the next program piece into memory
– Order more memory
Managing Servers
• Stored data errors– Disks wear out– Maximize redundancy against cost
• Redundancy
• Fault tolerance – back-up mechanisms– Trade offs against budget
Data storage models
• Mirroring ( Shadowing)– Two disk exactly the same.
• Hardware & software mirroring
• One controller – two drives
– Duplexing• Town controllers, two drives
Mirror
Duplex
Data storage models
• Raid– Redundant array of inexpensive (independent)
disks ( Hardware or software)– Involves disk striping– Raid levels 0 thru 5– The RAID appears as one logical disk
• RAID –1 is a disk mirror
Data storage models
• Raid– RAID – 5 has at least three disks
• The more spindles, the smaller the impact on disk space
• Data is written across all the disks, including parity
• If a disk fails, the parity is used to restore the data when a new disk is installed
– See - http://www.acnc.com/04_01_00.html#top
Raid 0
RAID Level 0 requires a minimum of 2 drives to implement
Raid 0
• Characteristics/AdvantagesRAID 0 implements a striped disk array, the data is broken down into blocks and each block is written to a separate disk drive
• I/O performance is greatly improved by spreading the I/O load across many channels and drives
• Best performance is achieved when data is striped across multiple controllers with only one drive per controller
• DisadvantagesNot a "True" RAID because it is NOT fault-tolerant
• The failure of just one drive will result in all data in an array being lost
• Should never be used in mission critical environments
Raid 0
• Advantages Cont.
• No parity calculation overhead is involved
• Very simple design
• Easy to implement
• Recommended Applications
• Video Production and Editing
• Image Editing
• Pre-Press Applications
• Any application requiring high bandwidth
Copyright © 2000 Advanced Computer & Network Corporation. All Rights Reserved.
Copyright © 2000 Advanced Computer & Network Corporation. All Rights Reserved.
Raid 5
• Characteristics/AdvantagesHighest Read data transaction rate
• Medium Write data transaction rate
• Low ratio of ECC (Parity) disks to data disks means high efficiency
• Good aggregate transfer rate
• DisadvantagesDisk failure has a medium impact on throughput
• Most complex controller design
• Difficult to rebuild in the event of a disk failure (as compared to RAID level 1)
• Individual block data transfer rate same as single disk
Copyright © 2000 Advanced Computer & Network Corporation. All Rights Reserved.
Raid 5
• Recommended Applications
• File and Application servers
• Database servers
• WWW, E-mail, and News servers
• Intranet servers
• Most versatile RAID level
Tape Drives
• Historically proven to confuse people– too many standards across manufacturers
• Cheaper for mass storage of data
• QIC Standard (Quarter inch Cartridge)– 60 megs / 9 data tracks / 300 ft. of tape– cartridge was too big
Tape Drives
• Second Standard (cassette)• Lead to DC (large cartridge)
– MC (small Cartridge)
• Better the controller / faster the backup• QIC-40
• FAT• 20 Tracks• 68 segments of 29 sectors
Tape Drives
• DAT (Digital Audio Tape)– helical scan technology
• digital formatting• high capacity / reliability
• 8mm– high throughput
• DLT (Digital Linear Tape)– 20 to 40 G compressed @ 1.5 - 3 M/sec
Tape Drives
• TRAVAN (3M)– proprietary, levels TR-1 through TR-4– 400 meg uncompressed TR-1– 800 meg uncompressed TR-2– 1.6G uncompressed TR-3– 4G uncompressed TR-4– All drives feature 2 to 1 compression
Tape Drives
• Which one?– Amount of data– Data throughput required– best for you standard– cost $$$
Tape Drives
• Software Considerations– Unattended backup– Macro Capability - changing options / file
selection– Quick tape-erase– Partial tape-erase– Un-erase– Password Protection
Tape Drives
• http://www.quantum.com/src/whitepapers/wp_reliability.htm
• http://www.quantum.com/src/whitepapers/wp_stp.htm
Backups
• Transferring data from a hard drive to another medium– CD, Tape, Disk
• Full Backup– Image– File – file
Backups
• Incremental– Copy the files that have changed since the last
backup.
• Differential– Files that changed since the last full b/u
• Daily – Copy files that changed on a particular day
Other Storage Devices
• Jazz Drives
• Zip Drives
• LS-120 drive
• Magneto-Optical
• WORM drives
Network Performance
• SNMP- Simple Network Management Protocol– Part of TCP/IP
– Stores information in MIB, management information base
– Collected using software agents
– Monitored by a SNMP management station
• CMIP – Common Management Interface Protocol– Higher memory requirements
– Part of OSI model
• http://www.3com.com/solutions/traffix/demoreq.html
Tools
• Multi Meter– Voltmeter– Ohm Meter
• Cable scanner– Optical Fault Finder– Time domain reflecometer (TDR)
• Protocol Analyzer
Firewalls
• http://www.spirit.com/CSI/firewalls.html
• http://www.firewallguide.com/
• http://www.firewall.com/
• http://firewall.esoft.com/
• http://www.iss.net/customer_care/resource_center/whitepapers/
Firewalls
• Address filtering
• Packet filtering
• Network address translation
• PROXY server
Vulnerabilities
• Personal computer
• Network
• Mainframe
• Files & Programs
Vulnerabilities
• Privacy
• People
• Building
• Equipment
Trends that create vulnerabilities:
• Networking systems are proliferating, radically changing the installed base of computer systems and system applications.
• Computers are an integral part of American Business, computer related risks cannot be separated from general business risks.
Trends
• The widespread use of databases containing personal information, i.e. medical or credit records, places individual privacy at risk.
• Computers are placed in areas that demand a high degree of trust, (i.e. medical instruments) increases the likelihood that accidents can result in death.
The ability to abuse computer systems is widespread.
• The International political environment is unstable, raising questions about the potential for transnational attacks as computer networks are growing.
• Computers are in demand and easily stolen.
Security
• Security implementation depends upon - – Value of the information protected.– Function the system performs– Cost vs. Benefit– Nature of the organization
The Nature of Security
• Vulnerability
• Threat
• Countermeasure
• Security must be holistic -
• Technology, Management, and Social Elements
Consists of -
• Computer hardware, software, network, facilities, and people
• Safety and Security go hand in hand
• Physical Security - protecting the building and the personnel within the building.– Use access control -– Cipher locks, fences, guards, TV monitoring
Consists of -
• Program Security - ensuring that computer programs are not tampered with and the physical code is reliable.
• Use frequent audits, local administrator, configuration control
• Make use of accounting programs
Computer security
• More information is available to more people. the lack of control over information increases the opportunity for harm.
• Technology is advancing at a rate that out paces the legal system.
Authorization vs. Access -
• Ensuring that those that use the programs are in fact authorized to perform the function.
• Password control, access control
• Network Security - monitoring the computer network for unusual occurrences.
• Network management software
Site Security -
• Ensuring that the computer location is protected and that in the event of a disaster the software & hardware are protected.
• Off sight storage of software and files
• Alternate sight if primary sight is damaged
Personnel Security -
• Monitoring the employees within an organization.
• Codes of Conduct, Security clearances,
• Background checks, network software to
• Watch for unusual activity, two-person control