Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Recursive InterNetwork Architecture (RINA) wikipedia , lookup
Wake-on-LAN wikipedia , lookup
Piggybacking (Internet access) wikipedia , lookup
Computer network wikipedia , lookup
Zero-configuration networking wikipedia , lookup
Cracking of wireless networks wikipedia , lookup
Distributed firewall wikipedia , lookup
Reading 1: Network management This reading covers material within the following unit performance criteria: Identify and evaluate appropriate network management tools to assist in the administration of the complex network. Select and install network management tools in accordance with industry and organisational standards. Test tools to ensure they are operational. Gather and analyse user feedback about using the changed system. Prepare and deliver relevant training in a manner appropriate to the audience. Develop and maintain procedures to ensure regular network reporting and administration in accordance with organisational policies and procedures. Complete documentation of complex network, in line with organisational requirements. Network management tools Having the appropriate tools is essential to easily administer any complex network. Network management tools allow you to perform management functions, such as monitoring network traffic levels, finding bottlenecks and monitoring software usage. Intelligent use of these tools can provide insights into network operations and limits. Major tool groups The major groups of tools that are available are: cable testers network monitors and protocol analysers built-in network management tools supplied within operating systems. Cable testers allow network management to be performed at the lowest level of network infrastructure, ie the interconnecting network cables. Cable testers are vital to providing troubleshooting and benchmarking of the physical network. Use the link below to read further information regarding cable testers: 1 © TAFE NSW, 2007 Cable testers - www.cisco.com. Network monitors and protocol analysers allow network management beyond the physical network and provide management functions at higher levels of the OSI model. This group of software allows network data packets to be captured, measured, viewed, broken apart, as well as many other analysis tasks. Use the links below to familiarise yourself with some of the range of software available to perform these tasks: Network monitoring tools - www.monitortools.com Protocol analysers/packet sniffers - http://sectools.org. All modern operating systems have built-in network management tools. Many of these tools are based on the built-in features of the TCP/IP network protocol suite. Windows, for example, has built-in tools including the ‘Network connections’ tool within ‘Control panel’, and a wide range of commands to troubleshoot and manage networks. Some of the more common and useful Windows commands are as follows: ipconfig ping tracert arp route nslookup. Further information on these commands can be found within the Windows command prompt. Type in the command name followed by ‘/?’, for example, ‘ipconfig /?’. The following links provide more information on the network utilities built-in to Windows: Troubleshooting TCP/IP in Windows XP - www.microsoft.com Windows XP command line reference - www.microsoft.com. Proprietary vendor tools Complex networks consist of many networking devices that can come from a large number of different vendors. Each of these vendors typically supplies propriety software for the configuration and management of their network devices. For reasons of compatibility, it is often preferable to use the vendor supplied tools, for example using web-based configuration software for an ADSL modem. The network management toolkit used within a network will depend on the vendors supplying the following: 2 © TAFE NSW, 2007 operating systems (Windows, Linux, UNIX, MacOS, Solaris, etc) hardware (servers, desktops, notebooks, PDAs, routers, switches, WAP’s, NAS, etc) software (email, database, office suite, etc). It becomes obvious that in large networks the large number of vendor tools can become difficult to manage. For this reason, it can be preferable to minimise the vendors used to supply networking devices. For example, all network switches could be sourced from a single vendor, bulk batches of computers could be purchased from a single vendor or a single desktop operating system could be deployed across all computers. Standards Network management standards To overcome the problems of heterogeneous networks and the myriad of different network management utilities, each vendor uses, most network devices support network management standards. Read the following overview to gain a better understanding of network management basics and standards: Network management basics - www.cisco.com The following websites provide more in-depth information regarding network management standards. Simple Network Management Protocol (SNMP) www.wikipedia.org SNMP - www.cisco.com (first four headings) Common Management Interface Protocol (CMIP) www.wikipedia.org ISO Network management model - www.wikipedia.org. Occupational Health and Safety (OHS) standards When working with networking equipment, you must adhere to any OHS standards that apply to an organisation. Larger organisations will have implemented standards and procedures based upon a hierarchy of safety controls. This involves: elimination–of any elements of risk 3 © TAFE NSW, 2007 substitution–of any hazardous operation or substance with a less hazardous one engineering–to reduce exposure to risk such as restricting access to power supplies administration–of OHS with policies and procedures for safe work practices Personal Protective Equipment (PPE) Standard networking equipment is not especially hazardous, other than the potential for electric shock. There are two main considerations: first and foremost, the safety of the installer/repairer and second, the protection of the equipment from damage. Rules for the installer The installer should follow these basic rules: Don’t work on any electrical equipment unless you are qualified and trained to do so. Remove all jewellery and metallic items when working on electrical equipment. Switch off all equipment and disconnect from the power supply before removing any covers. Certain equipment can include capacitors that store lethal voltages. If the equipment carries such a warning, then only trained personnel should work on this. Replace any blown fuses with one of the same rating. Do not work alone. Have someone nearby to assist in an emergency. Be familiar with the location of the nearest fire extinguisher and how to operate it. This should be of a type suitable for electrical fires. Other safety considerations The equipment being installed or repaired also needs to be protected. The most common forms of damage result from: impact from dropping incorrect installation–misaligned connectors, poor insertion of components, inappropriate location, etc. Electro Static Discharge (ESD)–use an anti-static wrist strap and anti-static packaging to prevent this. 4 © TAFE NSW, 2007 Testing network management tools When testing the network tools you need to check the following: Does the tool track every packet processed for all protocols on the network? Are all network devices able to be managed? What about logical network objects such as users and groups? What overhead does the tool place on the network? How large will log files become? How easy is it to analyse the data stored in files? Does the tool generate alerts? If so, how can these be configured, and what methods are used to indicate an alert situation? Can the network be viewed in real time to identify problems? Are there facilities to upgrade to new standards or ways of operating? When both testing and using network management utilities you must be aware that some tools may collect more information than you, or a machine, can reasonably process. To avoid this, determine the information that is relevant and set filters on the data that is gathered. For example, if you suspect that a workstation is causing a traffic problem, you should filter the data collection to accept only packets to or from that workstation's MAC address or IP address. One of the main reasons for using these network tools is to help identify and proactively avoid network problems. This can result in the network administrator having to make regular changes to the network. It is important to consider the impact of these changes on users. Helping users make use of the changes The ideal goal for network administrators is to make network changes as transparent as possible for users. Users should be shielded from the complexity of the network where possible. Following this strategy should ensure that any changes to the network environment have minimal negative impact on the user. Adding new servers, changing the protocols used, adding more CPUs or drives should create little impact. If the administrator feels 5 © TAFE NSW, 2007 that users will have to change the way that they operate then it is essential to observe the following procedures: For small changes, notify users by, for example, emailing them and explaining the changes and the impact. For larger changes, organise training sessions to explain the new working procedures. Update network documentation, help desk information, and other references to reflect the change/s. Network procedures All organisations have policies and procedures governing various aspects of the business. Network management requires specific policies and procedures to ensure the continued effective operation of the network. While it is possible to have policies that are similar between organisations, procedures will be different for each, mainly because of differences in the architecture of the network environment. Procedures are the detailed rules on how to carry out the activities described in the policies. The network administrator needs to take the policies as agreed by management and form a set of procedures. To be effective and enforceable, the procedures developed by a network administrator need to be approved and endorsed by management. These policies and procedures act as a guideline for network administrators and management to direct efforts to improve and maintain the network. Without these policies and procedures there are no ‘rules’ to direct work practices and the likelihood of a network problem going unnoticed increases. This increases the potential for a problem to escalate to a level where the network may cease to function before a remedy can be implemented. Not only can the administrator use the policies to configure the network, the policies can be used to audit the network or to review performance. While the network management procedures may contain a great deal of detail and provide information on how to carry out common tasks, they do not replace the vendor manuals provided with networking systems. Rather, they are complementary to these manuals. The administrator should still be skilled in the general operation of network hardware and software. 6 © TAFE NSW, 2007 The main topics you would expect to see in a network management procedures document include: network overview–some notes as to what the network is trying to achieve and some background information network security polices and procedures user names, password settings and user rights network administrator responsibilities network structure-possibly a diagram of major components configuration settings of operating system files information about the applications to be allowed on the network users' responsibilities and expectations information on network installation settings in case a rebuild is required user information, such as locations of home directories physical maintenance requirements policies affecting network operations routines for back-ups how to process personnel changes. Documenting a complex network The network could consist of hundreds, if not thousands, of components. Some of these, such as routers and servers, may be very expensive. As with all assets of an organisation, network assets also need to be recorded in an asset register. There are many software and associated hardware products for asset management. You can simply add your network’s hardware to an existing asset database. However, it is also possible to obtain software that can automatically record your network’s hardware and software assets. There will still need to be manual input to record date of purchase, location, price and so on but this type of software can perform the bulk of the data collection and can alert the administrator if it finds new hardware or missing hardware. Some examples of network management software are: OpenView - www.hp.com Systems Management Server - www.microsoft.com 7 © TAFE NSW, 2007 It can be a huge task to create this initial database of network assets, but an even larger job will be keeping it up to date. Things change, new components are delivered and old ones are retired. It is essential that there is a good system of control to ensure that all changes are tracked and recorded. Thorough documentation is a reflection of a thoroughly planned and maintained network. It is a vital component to ensuring efficient network operations. 8 © TAFE NSW, 2007