Title: NETWORK ADMINISTRATION
1. NETWORK ADMINISTRATION
2. Desktop Overview
- The first PCs were designed as standalone desktop
systems. The operating system (OS) software
allowed one user at a time to access files and
system resources. The user had physical access to
the PC. As PC-based computer networks gained
popularity in the workplace, software companies
developed specialized network operating systems
(NOS). Developers designed NOS to provide file
security, user privileges, and resource sharing
among multiple users.
3. Networking
- Within a decade, networking has become of central
importance to desktop computing.
- Now, most popular operating systems, such as
Microsoft Windows 2000 and Linux, are found on
high-powered network servers and on the desktops
of end users.
4. Operating Systems
- Some Windows operating systems may be installed
on workstations and servers. The NT/2000/XP
versions of Windows software provide network
server capability. Windows 9x and ME versions
only provide workstation support.
- UNIX or Linux can serve as a desktop operating
system but are usually found on high-end
computers.
5. Network Servers
- In a network operating system environment, many
client systems access and share the resources of
one or more servers.
- Network operating systems have additional network
management tools and features that are designed
to support access by large numbers of
simultaneous users. On all but the smallest
networks, NOSs are installed on powerful servers.
Many users, known as clients, share these
servers. Servers usually have high-capacity,
high-speed disk drives, large amounts of RAM,
high-speed NICs, and in some cases, multiple
CPUs.
6. Server Applications
- Server applications and functions include web
services using Hypertext Transfer Protocol
(HTTP), File Transfer Protocol (FTP), and Domain
Name System (DNS). Standard e-mail protocols
supported by network servers include Simple Mail
Transfer Protocol (SMTP), Post Office Protocol 3
(POP3), and Internet Message Access Protocol
(IMAP).
7. File Sharing
- File sharing protocols include Sun Microsystems
Network File System (NFS) and Microsoft Server
Message Block (SMB).
8. Other Server Services
- Network servers frequently provide print
services. A server may also provide Dynamic Host
Configuration Protocol (DHCP), which
automatically allocates IP addresses to client
workstations. In addition to running services for
the clients on the network, servers can be set to
act as a basic firewall for the network. This is
accomplished using a proxy or Network Address
Translation (NAT), both of which hide internal
private network addresses from the Internet.
9. Client/Server
- In a client-server environment, the client and
server share or distribute processing
responsibilities.
- An example of a client-server relationship is a
File Transfer Protocol (FTP) session. FTP is a
universal method of transferring a file from one
computer to another. For the client to transfer a
file to or from the server, the server must be
running the FTP daemon or service.
10. Client/Server
- The Internet is also a good example of a
distributed processing client-server computing
relationship. The client or front end typically
handles user presentation functions, such as
screen formatting, input forms, and data editing.
This is done with a browser, such as Netscape or
Internet Explorer. Web browsers send requests to
web servers. When the browser requests data from
the server, the server responds, and the browser
program receives a reply from the web server. The
browser then displays the HTTP data that was
received.
11. Client/Server
- Another example of a client-server relationship
is a database server and a data entry or query
client in a LAN. The client or front end might be
running an application written in the C or Java
language, and the server or back end could be
running Oracle or other database management
software. In this case, the client would handle
formatting and presentation tasks for the user.
The server would provide database storage and
data retrieval services for the user.
12. File Servers
- In a typical file server environment, the client
might have to retrieve large portions of the
database files to process the files locally. This
retrieval of the database files can cause excess
network traffic. With the client-server model,
the client presents a request to the server, and
the server database engine might process 100,000
records and pass only a few back to the client to
satisfy the request. Servers are typically much
more powerful than client computers and are
better suited to processing large amounts of
data.
13. Client/Server Costs
- The distribution of functions in client-server
networks brings substantial advantages, but also
incurs some costs. Although the aggregation of
resources on server systems brings greater
security, simpler access, and coordinated
control, the server introduces a single point of
failure into the network. Without an operational
server, the network cannot function at all.
Additionally, servers require trained, expert
staff to administer and maintain them, which
increases the expense of running the network.
Server systems require additional hardware and
specialized software that adds substantially to
the cost.
14. NOS
- A computer operating system (OS) is the software
foundation on which computer applications and
services run on a workstation. Similarly, a
network operating system (NOS) enables
communication between multiple devices and the
sharing of resources across a network. A NOS
operates on UNIX, Microsoft Windows NT, or
Windows 2000 network servers.
15. NOS/OS
- Common functions of an OS on a workstation
include controlling the computer hardware,
executing programs, and providing a user
interface.
- In contrast, a NOS distributes functions over a
number of networked computers. A NOS depends on
the services of the native OS in each individual
computer. The NOS then adds functions that allow
access to shared resources by a number of users
concurrently.
16. NOS SERVER
- A NOS server is a multitasking system, capable of
executing multiple tasks or processes at the same
time. The NOS scheduling software allocates
internal processor time, memory, and other
elements of the system to different tasks in a
way that allows them to share the system
resources.
17. NOS
- The main features to consider when selecting a
NOS are performance, management and monitoring
tools, security, scalability, and robustness or
fault tolerance.
18. Performance
- A NOS must perform well at reading and writing
files across the network between clients and
servers. It must be able to maintain fast
performance under heavy loads, when many clients
are making requests.
19. Management and monitoring
- The management interface on the NOS server
provides the tools for server monitoring, client
administration, file, print, and disk storage
management. The management interface provides
tools for the installation of new services and
the configuration of those services.
Additionally, servers require regular monitoring
and adjustment.
20. Security
- A NOS must protect the shared resources under its
control. Security includes authenticating user
access to services to prevent unauthorized access
to the network resources. Security also includes
encryption to protect information as it travels
between clients and servers.
21. Scalability
- Scalability is the ability of a NOS to grow
without degradation in performance. The NOS must
be capable of sustaining performance as new users
join the network and new servers are added to
support them.
22. Robustness/fault tolerance
- A measure of robustness is the ability to deliver
services consistently under heavy load and to
sustain its services if components or processes
fail. Using redundant disk devices and balancing
the workload across multiple servers can improve
NOS robustness.
23. Windows
- Since the release of Windows 1.0 in November
1985, Microsoft has produced many versions of
Windows operating systems with improvements and
changes to support a variety of users and
purposes.
24. Windows
- NT 4 was designed to provide an environment for
mission-critical business that would be more
stable than the Microsoft consumer operating
systems. It is available for both desktop (NT 4.0
Workstation) and server (NT 4.0 Server).
- Windows 2000 enables objects, such as users and
resources, to be placed into container objects
called organizational units (OUs). Administrative
authority over each OU can be delegated to a user
or group. This feature allows more specific
control than is possible with Windows NT 4.0.
25. Windows
- Windows 2000 Professional is not designed to be a
full NOS.
- The primary purpose of Windows 2000 Professional
is to be part of a domain as a client-side
operating system. The type of hardware that can
be installed on the system is limited. Windows
2000 Professional can provide limited server
capabilities for small networks and peer-to-peer
networks. It can be a file server, a print
server, an FTP server, and a web server, but will
only support up to ten simultaneous connections.
26. Windows 2000 Server
- Windows 2000 Server adds to the features of
Windows 2000 Professional many new
server-specific functions. It can also operate as
a file, print, web and application server.
- It provides integrated connectivity with Novell
NetWare, UNIX, and AppleTalk systems. It can also
be configured as a communications server to
provide dialup networking services for mobile
users.
27. Other Operating Systems
- Unix
- Linux
- Mac OS X (10) (Apple's version)
28. Monitoring the Network
29. The two primary reasons for network monitoring
are:
1) predicting changes for future growth
2) detecting unexpected changes in network status
PING - AN IMPORTANT NETWORK TEST!
For large networks: ping a few of the important
hosts, servers, routers, and switches to verify
their connectivity.
30. Network monitoring looks at the actual packet
traffic on the network and generates reports
based upon the network traffic.
Monitor examples:
- Microsoft Windows NT Network Monitor
- Fluke's Network Analyzer
32. Management Station
The management station is
the network manager's interface into the network
system. It has the programs to manipulate data
from and control the network. The management
station also maintains a database of management
information (MIB) extracted from the devices
under its management.
33. Management Agent
- Component that is contained in the devices that
are to be managed. Bridges, routers, hubs, and
switches may contain SNMP agents.
- The management agent responds to the management
station in two ways:
- 1) Polling - the management station requests data
from the agent and the agent responds with the
requested data.
- 2) Trapping - a data gathering method designed
to reduce traffic on the network and processing
on the devices being monitored.
34. Management Information Base (MIB)
The management
information base has a database structure and is
resident on each device that is managed. The
database contains a series of objects, which are
resource data gathered on the managed device.
Some of the categories in the MIB include Port
interface data, TCP data, and ICMP data.
35. Network Management Protocol
The network management protocol used is SNMP. SNMP is an
application layer protocol designed to
communicate data between the management console
and the management agent. It has three key
capabilities:
- GET: the management console retrieving data from the agent
- PUT: the management console setting object values on the
agent
- TRAP: the agent notifying the
management console of significant events
36. One of the greatest enhancements to SNMP is
called Remote Monitoring (RMON).
RMON extensions to SNMP give the ability to look
at the network as a whole as opposed to looking
at individual devices.
37. RMON PROBES
Probes gather remote data in RMON. A probe has
the same function as an SNMP agent, but a probe has
RMON capabilities that an agent does not. When
working with RMON, as with SNMP, a central
management console is the point of data
collection. An RMON probe is located on each
segment of the network monitored. These probes
can be dedicated hosts, resident on a server, or
included in a standard networking device such as
a router or switch. Probes gather the specified
data from each segment and relay it to the
management console.
40. The Ethernet Statistics Group
Contains statistics gathered for each monitored
subnetwork. These statistics include counters
(incremental values that start from zero) for bytes,
packets, errors, and frame size. The other type
of data reference is an index table. The table
identifies each monitored Ethernet device,
allowing counters to be kept for each individual
Ethernet device. The Ethernet Statistics Group
provides a view of the overall load and health of
a subnetwork by measuring different types of
errors, including CRC errors, collisions, and oversized and
undersized packets.
41. The History Control Group
Contains a data table
that will record samples of the counters in the
Ethernet Statistics Group over a specified period
of time. The default sample time is every thirty
minutes and the default table size is fifty entries, for a total of
twenty-five hours of continuous monitoring. These
samples provide a baseline of the network and can
be used to compare against the original baseline
to resolve problems or to update the baseline as
the network changes.
42. The Alarm Group
Thresholds are set and, when they are met, a message or alarm
will be sent to the specified people. This
process, known as an error trap, can automate
many functions.
43. The Host Group
Contains counters maintained about
each host discovered on the subnetwork segment.
Counter categories maintained are Packets,
Octets, Errors, and Broadcasts. Example: total
packets, packets received, packets sent, along
with many counters specific to the type of item.
The Host TOPN Group
Prepares reports about a
group of hosts that top a statistical list based
on a measured parameter. Example: a report could be
generated for the top ten hosts generating
broadcasts for a day or most packets transmitted
during the day. This is an easy way to determine who and
what type of data traffic most occupies the
selected subnetwork.
44. The Matrix Group
- Records the data communication between two hosts
on a subnetwork.
- Data is stored in the form of a matrix (a
multi-dimensional table).
Examples: one report might show all users of a
particular server, while another report shows all
the servers used by a particular host.
45. The Filter Group
Provides a way that a
management console can instruct an RMON probe to
gather selected packets from a specific interface
on a particular subnetwork. Based on the use of
two filters, the DATA and the STATUS filter. The
data filter is designed to match or not match
particular data patterns. The status filter is
based on the type of packet looked at.
46. The Packet Capture Group
Allows the
administrator to specify a method to use to
capture packets that have been selected by the
Filter Group. The administrator can look at the exact
detail for packets that meet the basic filter.
The Event Group
Contains events generated by
other groups in the MIB database.
The Token-Ring Group
Contains counters specific to token-ring
networks.
47. Remember that RMON is an extension to the SNMP
protocol. SNMP is still required for RMON to
operate on a network. There are later revisions of both
SNMP and RMON; they are labeled SNMPv2 and
RMON2.
48. Syslog
- The Cisco syslog logging utility is based on the
UNIX syslog utility. System events are usually
logged to the system console unless disabled. The
syslog utility is a mechanism for applications,
processes, and the operating system of Cisco
devices to report activity and error conditions.
49. Syslog
- The syslog protocol is used to allow Cisco
devices to issue these unsolicited messages to a
network management station.
- Every syslog message logged is associated with a
timestamp, a facility, a severity, and a textual
log message. These messages are sometimes the
only means of gaining insight into some device
misbehaviors.
50. Syslog Errors
- Severity level indicates the critical nature of
the error message. There are eight levels of
severity, 0-7, with level 0 (zero) being the most
critical, and level 7 the least critical. The
levels are as follows:
51. Syslog Errors
- 0 Emergencies
- 1 Alerts
- 2 Critical
- 3 Errors
- 4 Warnings
- 5 Notifications
- 6 Informational
- 7 Debugging
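An added example (not part of the original slides) of how a management station might split received messages into the four fields named above and triage them by the severity levels just listed. It assumes the wire layout `<PRI>seq: timestamp: %FACILITY-SEVERITY-MNEMONIC: text`, where PRI is the numeric facility code times 8 plus the severity; the sample lines are constructed and use facility code 23 (local7).

```python
import re

# Severity names as listed on the page; 0 is the most critical.
SEVERITIES = ["Emergencies", "Alerts", "Critical", "Errors",
              "Warnings", "Notifications", "Informational", "Debugging"]

# Assumed wire layout: <PRI>seq: timestamp: %FACILITY-SEVERITY-MNEMONIC: text
LINE_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?:\d+: )?(?P<ts>.+?): "
    r"%(?P<fac>[A-Z0-9_]+)-(?P<sev>[0-7])-(?P<mnem>[A-Z0-9_]+): (?P<text>.*)$")

def parse(line):
    """Return the fields of one message, or None if the line is malformed."""
    m = LINE_RE.match(line)
    if not m or int(m["pri"]) > 191:   # PRI = facility code (0-23) * 8 + severity
        return None
    wire_facility, wire_severity = divmod(int(m["pri"]), 8)
    severity = int(m["sev"])
    return {"timestamp": m["ts"], "facility": m["fac"], "severity": severity,
            "severity_name": SEVERITIES[severity], "mnemonic": m["mnem"],
            "text": m["text"], "wire_facility": wire_facility,
            # The severity is carried twice; both copies must agree.
            "consistent": wire_severity == severity}

def triage(lines, threshold=4):
    """Return (urgent, routine, rejected); lower severity number = more critical."""
    urgent, routine, rejected = [], [], []
    for line in lines:
        msg = parse(line)
        if msg is None or not msg["consistent"]:
            rejected.append(line)      # keep the raw line for manual review
        elif msg["severity"] <= threshold:
            urgent.append(msg)
        else:
            routine.append(msg)
    return urgent, routine, rejected

# Constructed sample input (not captured from a real device).
SAMPLE = [
    "<187>45: *Mar  1 00:10:02.123: %LINK-3-UPDOWN: Interface FastEthernet0/1, changed state to down",
    "<189>46: *Mar  1 00:10:03.125: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to down",
    "<189>47: *Mar  1 00:12:40.001: %SYS-5-CONFIG_I: Configured from console by vty0 (192.0.2.10)",
    "<190>48: *Mar  1 00:13:00.000: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.50(1025) -> 198.51.100.7(23), 1 packet",
    "<190>49: *Mar  1 00:14:00.000: %SYS-2-MALLOCFAIL: Memory allocation of 1028 bytes failed",
    "not a syslog line",
]

if __name__ == "__main__":
    urgent, routine, rejected = triage(SAMPLE)
    print([m["mnemonic"] for m in urgent], len(routine), len(rejected))
```

The fifth sample line is rejected because its PRI encodes severity 6 while its tag says 2, so it is set aside for review rather than silently classified.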
52. Syslog Configuration
- To enable logging to all supported destinations:
Router(config)# logging on
- To send log messages to a syslog server host, such as CiscoWorks2000
(give either the server's hostname or its IP address):
Router(config)# logging hostname | ip address