* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Download Module 2: Managing and Monitoring Dynamic Host
Survey
Document related concepts
Serializability wikipedia , lookup
Open Database Connectivity wikipedia , lookup
Microsoft Access wikipedia , lookup
Oracle Database wikipedia , lookup
Extensible Storage Engine wikipedia , lookup
Functional Database Model wikipedia , lookup
Relational model wikipedia , lookup
Ingres (database) wikipedia , lookup
Concurrency control wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Microsoft SQL Server wikipedia , lookup
Database model wikipedia , lookup
Transcript
Module 3: Managing and Monitoring Dynamic Host Configuration Protocol (DHCP) Overview Managing a DHCP Database Monitoring DHCP Applying Security Guidelines for DHCP Lesson: Managing a DHCP Database Overview of Managing DHCP What Is a DHCP Database? How a DHCP Database Is Backed Up and Restored How To Back Up and Restore a DHCP Database How a DHCP Database Is Reconciled How To Reconcile a DHCP Database Overview of Managing DHCP The DHCP service needs to be managed to reflect changes in the network and the DHCP server Scenarios for managing DHCP: Managing DHCP database growth Protecting the DHCP database Ensuring DHCP database consistency Adding clients Adding new network service servers Adding new subnets What Is a DHCP Database? The DHCP database is a dynamic database that is updated when DHCP clients are assigned or as they release their TCP/IP address leases The DHCP database contains DHCP configuration data, such as information about scopes, reservations, options, and leases Windows Server 2003 stores the DHCP database in the directory %Systemroot%\System32\Dhcp The DHCP database files include: DHCP.mdb Tmp.edb J50.log and J50*.log Res*.log J50.chk How a DHCP Database Is Backed Up and Restored DHCP Server Restore Offline Storage DHCP Back up DHCP Restore Back up Inthe If The the DHCP administrator original eventservice that database the moves automatically server is aunable hardware copy backs of to the load, fails, backed upthe theDHCP DHCP administrator up DHCP service database database can to thean automatically to restore backup offline onlydirectory storage from restores thelocation on offline from the local the storage backup drive location directory on the local drive How to Back Up and Restore a DHCP Database Your instructor will demonstrate how to: Apply guidelines when backing up and restoring a DHCP database Configure a DHCP database backup path Manually back up a DHCP database to the backup directory on a local drive Manually restore a DHCP database from the backup directory on a local drive How a DHCP Database Is Reconciled DHCP Database Detailed IP address lease information Registry Summary IP address lease information Compares information to find inconsistencies Reconciles inconsistencies in the DHCP database DHCP Server Example Summary information Client has IP address 192.168.1.34 Detailed information Reconciled DHCP database IP address 192.168.1.34 is available Create an active lease entry How to Reconcile a DHCP Database Your instructor will demonstrate how to: Prepare to reconcile a DHCP database Reconcile all scopes in a DHCP database Reconcile a scope in a DHCP database Practice: Managing a DHCP Database In this practice, you will manage a DHCP database Lesson: Monitoring DHCP Overview of Monitoring DHCP Multimedia: Creating a Performance Baseline (Optional) What Are DHCP Statistics? How to View DHCP Statistics What Is a DHCP Audit Log File? How DHCP Audit Logging Works How to Monitor DHCP Server Performance by Using the DHCP Audit Log Guidelines for Monitoring DHCP Server Performance Common Performance Counters for Monitoring DHCP Server Performance Guidelines for Creating Alerts for a DHCP Server Overview of Monitoring DHCP Why monitor DHCP? The DHCP environment is dynamic Increased DHCP server performance Provides the ability to plan for current and future needs DHCP data includes: DHCP statistics DHCP events DHCP performance data Multimedia: (Optional) Creating a Performance Baseline The objective of this presentation is to provide high-level steps for creating a performance baseline After this presentation, you will be able to: Explain the purpose of a performance baseline Explain that a performance baseline is the level of system performance that you find acceptable Explain that server performance is critical to efficient network operations What Are DHCP Statistics? DHCP Server DHCP statistics represent statistics collected at either the server level or scope level since the DHCP service was last started How to View DHCP Statistics Your instructor will demonstrate how to: Enable DHCP statistics to automatically refresh View DHCP server statistics View DHCP scope statistics What Is a DHCP Audit Log File? A DHCP audit log is a log of service-related events, such as when: the service starts and stops; authorizations have been verified; or IP addresses are leased, renewed, released, or denied How DHCP Audit Logging Works Audit logging is the daily collection of DHCP server events into log files. DHCP server closes the existing log and moves to the log file for the next day of the week 12:00 am 3. DHCP closes daily audit log DHCPSrvLog-Tue.Log DHCP server writes a header message in the audit log, indicating that logging has started 1. DHCP opens daily audit log 2. DHCP performs disk checks DHCPSrvLog-Mon.Log Disk checks ensure that both the ongoing availability of server disk space and the current audit log file do not become too large or grow too rapidly How to Monitor DHCP Server Performance by Using the DHCP Audit Log Your instructor will demonstrate how to: Enable and configure DHCP audit logging View the DHCP audit log Guidelines for Monitoring DHCP Server Performance Create a baseline of performance data on the DHCP server Check the standard counters for server performance, such as processor utilization, paging, disk performance, and network utilization Review DHCP server counters to look for significant drops or increases that indicate a change in DHCP traffic Common Performance Counters for Monitoring DHCP Server Performance Performance counters Packets received/second What to look for after a baseline is established Monitor for sudden increases or decreases which could reflect problems on the network Monitor for sudden increases or decreases which Requests/second could reflect problems on the network Active queue length Duplicates dropped/second Monitor for increases both sudden and gradual which could reflect increased load or decreased server capacity Monitor for any activity which could indicate that more than one request is being transmitted on behalf of clients Guidelines for Creating Alerts for a DHCP Server Define the acceptable level that a DHCP counter can rise above or fall below, before creating an alert Use scripts with your alerts Practice: Monitoring DHCP In this practice, you will monitor DHCP Lesson: Applying Security Guidelines for DHCP Guidelines for Restricting an Unauthorized User from Obtaining a Lease Guidelines for Restricting an Unauthorized, nonMicrosoft DHCP Server from Leasing IP Addresses Guidelines for Restricting Who Can Administer the DHCP Service Guidelines for Securing the DHCP Database Guidelines for Restricting an Unauthorized User from Obtaining a Lease To restrict an unauthorized user from obtaining a lease: Ensure that unauthorized persons do not have physical or wireless access to your network Enable audit logging for every DHCP server on your network Regularly check and monitor audit log files Use 802.1X-enabled LAN switches or wireless access points to access the network Guidelines for Restricting Unauthorized, Non-Microsoft DHCP Servers from Leasing IP Addresses To restrict an unauthorized, non-Microsoft DHCP server from leasing IP addresses: Ensure that unauthorized persons do not have physical or wireless access to your network Microsoft DHCP Server Only DHCP servers running Windows 2000 or Windows Server 2003 can be authorized in Active Directory Unauthorized, non-Microsoft DHCP Server Non-Microsoft DHCP server software does not include the authorization feature that is included in Windows 2000 and Windows Server 2003 Guidelines for Restricting Who Can Administer the DHCP Service To restrict who can administer the DHCP service: Restrict the membership of the DHCP Administrators group to the minimum number of users necessary to administer the service If there are users who need read-only access to the DHCP console, then add them to the DHCP Users group instead of the DHCP Administrators group DHCP Users group Have read-only DHCP console access to the server DHCP Administrators group Can view and modify any data about the DHCP server Guidelines for Securing the DHCP Database To further secure the DHCP database: Consider changing the default permissions of the DHCP folder Provide only the minimum permissions required to users to enable them to perform their task Provide Read permissions to users responsible for analyzing DHCP server log files Remove Authenticated Users and Power Users to minimize access to the files in the DHCP folder Lab A: Managing and Monitoring DHCP In this lab, you will manage and monitor DHCP