Chapter Thirteen Maintaining and Upgrading a Network

Keeping Track Establish the baseline for your network Baselining Practice of measuring and recording a network’s current state of operation System’s performance may begin to degrade, sometimes gradually at other times dramatically. Compare baseline observation to current system behavior.

Keeping Track Asset management System of identifying and tracking the hardware and software on your network Record information about how your network is set up and why Physical network layout Documentation on licensing agreements Change management Use your change management system to record any changes resulting from network maintenance or upgrades

Software Changes General steps for software changes Determine whether the change is necessary Research the purpose of the change and its potential effects on other programs Determine whether the change should apply to some or all user and whether it will be distributed centrally or machine-by-machine If you decide to implement the change, notify system administrators, help desk personnel, and users Make sure that people get appropriate training

Software Changes General steps for software changes (cont.) Back up current system or software before making any modifications Prevent users from accessing the system or part of the system being altered Keep the upgrade instructions handy and follow them during installation of the patch or revision Make the change

Software Changes General steps for software changes (cont.) Test the system fully after the change, preferably using the software as a typical user would If the change was successful, re-enable access to the system; if unsuccessful, revert to previous system version of the software Inform system administrators, help desk personnel, and users when the change is complete Record the change in the change management system

Software Changes Patch Improvement or enhancement to a particular piece of a software program May be released to fix major bugs in the original program Bug--Flaw in a software program that causes some part of the program to malfunction Service pack Term Microsoft uses for its significant patches for Windows NT Server and Windows 2000

Software Changes Upgrade Major change to existing code May or may not be offered free from a vendor In general, upgrades are designed to add functionality and fix bugs

Software Changes Application upgrades Represent modifications to all or part of a program that are designed to enhance functionality or fix problems related to software Apply to software shared by clients on the network For example, an upgrade of the database program used to store all the client records

Network Operating System Upgrades Considerations for NOS upgrade Affect on user IDs, groups, rights, and policies Affect on file, printer, and directory access on the server Affect on applications or client interactions on the server Affect on configuration files, protocols, and services running on the server

Network Operating System Upgrades Considerations for NOS upgrade (cont.) Affect on the server’s interaction with other devices on the network Accurately testing the upgrade software in simulated environment Taking advantage of the new operating system to make your system more efficient Having resources available during upgrade process to address any problems

Network Operating System Upgrades Considerations for NOS upgrade (cont.) Allot enough time to perform the upgrade Ensure that users, help desk personnel, and system administrators understand how the upgrade will affect their daily operations and support burdens Training What’s new memos/ s

Steps for NOS Upgrade Research Proposal Evaluation Training Pre-implementation Implementation Post-implementation

Reversing a Software Upgrade Backleveling Process of reverting to a previous version of software after attempting to upgrade it Use the operating system uninstall feature (if available) Restore from backups

Hardware and Physical Plant Changes Guide for changing network hardware Determine whether the upgrade is necessary If possible, back up the current hardware’s configuration Let people that will be affected know that you are making the change, when, and why After change, test the hardware to insure that it is fully operational before allowing users to access Record the change

Adding or Upgrading Equipment Networked workstation Networked printer Hub Server Switches or routers

Adding or Upgrading Equipment The best way to safely gain experience with adding, upgrading, or repairing devices is to experiment with devices that are not currently used on a network Bear in mind that adding a new processor to a server, a new NIC to a router, or more memory to a printer may affect your service or warranty agreement with the manufacturer

Cabling Upgrades and Backbone Upgrades Cabling upgrades May require significant planning and time to implement, depending on the size of your network Backbone upgrades The most comprehensive and complex upgrade involving network hardware

Reversing Hardware Changes As with software changes, you should provide a way to reverse the hardware upgrade and reinstall the old hardware if necessary Keep the old component safe, as you not only might you need to put it back in the device, but you might also need to refer to it for information

Managing Growth and Change Factors that might influence currently developing trends in networking technology Faster data transmission and greater accessibility will bring network access to more people in less time Increasing compatibility between vendors Open standards will make networking careers less specialized and probably more interesting Smarter devices will contribute to each of the above trends, enabling the development of faster, more open standards and providing greater accessibility

Researching Network Trends Magazines, industry associations, colleagues, Internet Newsgroups on the Web can provide valuable information, too

Chapter Fourteen Ensuring Integrity and Availability

What Are Integrity and Availability? Integrity Reliability and accuracy of a network’s programs, data, services, devices, and connections Availability Refers to how consistently and reliably a system can be accessed by authorized personnel

Guidelines for Protecting Your Network Prevent anyone other than a network administrator from opening or changing the system files Monitor the network for unauthorized access or change Process of monitoring a network for unauthorized access to its devices is known as intrusion detection Record authorized system changes in a change management system

Guidelines for Protecting Your Network Install redundant components Situation in which more than one component is installed and ready for use for storing, processing, or transporting is referred to as redundancy Perform regular health checks on the network Monitor system performance, error logs, and the system log book regularly Keep backups, boot disks, and emergency repair disks current and available Implement and enforce security and disaster recovery policies

Virus Program that contains code that may cause the loss of data replicates itself so as to infect more computers Trojan horse Program that is disguised itself as something useful but actually harms your system

Types of Viruses Boot sector viruses Reside on the boot sector of a floppy disk and become transferred to the partition sector or the DOS boot sector on a hard disk Macro Viruses Take the form of a word-processing or spreadsheet program macro File infected viruses Attach themselves directly to the file

Types of Viruses Network viruses Propagate themselves via network protocols, commands, messaging programs, and data links Worms Technically not viruses, but rather programs that run independently and travel between computers across networks

Virus Characteristics Encryption Format that virus checker can’t read Stealth Hide within a program Polymorphism Change themselves as they move from system to system Time-dependence Only activate on a particular date

Antivirus Software Symptoms of a virus Unexplained increases in file sizes Programs launching, running, or exiting more slowly than usual Unusual error messages appearing without probable cause Significant, unexpected loss of system memory Fluctuations in display quality

Antivirus Software Functions your antivirus software should perform Signature scanning Comparison of a file’s content with known virus signatures in a signature database Integrity checking Method of comparing current characteristics of files and disks against an archived version of these characteristics to discover any changes It should detect viruses by monitoring unexpected file changes or virus-like behaviors

Antivirus Software Functions your antivirus software should perform (cont.) Receive regular updates and modifications from a centralized network console Consistently report only valid viruses, rather than reporting “false alarms”

Antivirus Policy General guidelines for an antivirus policy Every computer in an organization should be equipped with virus detection and cleaning software that regularly scans for viruses Users should not be allowed to alter or disable the antivirus software Users should know what to do in case their antivirus program detects a virus Users should be prohibited from installing any unauthorized software on their systems Organizations should impose penalties on users who do not follow the antivirus policy

Virus Hoaxes False alert about a dangerous, new virus that could cause serious damage to your workstation Usually have no realistic basis and should be ignored

Fault Tolerance Capacity for a system to continue performing despite an unexpected hardware or software malfunction Fault tolerant systems provide redundancy or duplication of critical components

Fault Tolerance Fail-over Process of one component immediately assuming the duties of an identical component Hot swappable Identical components that automatically assume the functions of their counterpart if one suffers a fault Single point of failure Point on a network where, if a fault occurs, the transfer of data may break down without possibility of an automatic recovery

Environment and Power Environment Analyze the physical environments in which your devices operate How well are your critical network components protected from environmental hazards Power Whatever the cause, networks cannot tolerate power loss or less than optimal power Surge Line noise Brownout--Also known as a sag Blackout

Uninterruptible Power Supply (UPS) Battery-operated power source directly attached to one or more devices and to a power supply Standby UPS--Switches instantaneously to the battery when it detects a loss of power from the wall outlet Online UPS--Uses the A/C power from the wall outlet to continuously charge its battery, while providing power to a network device through its battery

Factors in Choosing a UPS Amount of power needed A volt-amp (VA) is the product of the voltage and current of the electricity on a line Period of time to keep a device running Line conditioning—surge and line noise protection Cost Low-end --$50-$300 Higher-end--$200-$3000

Generators If your organization cannot withstand a power loss of any duration, consider investing in an electrical generator for your building Gas or diesel powered Cost for industrial-type--$10,000-1M+

Redundant Topologies FDDI and SONET Topology Dual rings provide fault tolerance Mesh or Hybrid Mesh Topology Provide redundant connections between network components

Redundant Storage—RAID Redundant Array of Inexpensive (or Independent) Disks A group of hard disks is called a disk array A sophisticated means for dynamically duplicating or storing data using several physical hard drives Provides fault tolerance for data There are several levels of RAID 0, 1, 5 are the levels most commonly used in Windows-based networks

RAID Level 0—Disk Striping Simple implementation of RAID in which data are written in 64 KB blocks equally across all disks in the array No duplication of data--not actually fault tolerant because if one of the disks fails, you will still lose all your data Requires a minimum of two drives and can support up to 32 Fast because data can be written to multiple drives simultaneously

RAID Level 1—Disk Mirroring Data from one disk are copied to another disk automatically as the information is written Makes an exact copy of a partition on one hard disk to a partition on another hard disk

RAID Level 5—Disk Stripping with Distributed Parity Data are written in small blocks across several disks Includes error correction information (parity) so that if one of the disks fails the lost data can be recovered from the other disks Requires at least 3 partitions of the same size. Each partition should be on a different hard disk.

Server Mirroring and Server Clustering Server mirroring Fault tolerance technique in which one server duplicates the transactions and data storage of another Servers must be identical machines; same processor, same type/size hard disk(s), etc. Can slow network performance Server clustering Fault tolerance technique that links multiple servers together to act as a single server

Data Backup Copy of data and program files created for archiving purposes Backups should be stored in a safe, fireproof location Good idea to store off site Backing up can generate high network traffic Pick a time when there is little or no network traffic

Tape Backups Questions to ask when selecting the appropriate tape backup solution for your network Does the backup drive and/or media storage capacity? Are the backup software and hardware reliable? Does the backup software use data error checking techniques? Is the system quick enough to complete the backup process before daily operations resume? How much do the tape drive, software and media cost? Will the backup hardware and software be compatible with existing network hardware and software? Does the backup system require frequent manual intervention?

Backup Strategy Questions to ask in developing a backup strategy What kind of rotation schedule will backups follow? At what time of day or night will the backups occur? How will you verify the accuracy of the backups? Where will backup media be stored? Who will take responsibility for ensuring that backups occurred? How long will you save backups? Where will backup and recovery documentation be stored?

Backup Strategy Methods Full Backs up all selected files Incremental backup Backs up data that have changed since the last backup (full or incremental) Differential backup Backs up data that have changed since the last full backup

Disaster Recovery Process of restoring critical functionality and data after enterprise-wide outage that affects more than a single system or limited group of users Must take into account the possible extremes, rather than relatively minor situations

Pertinent Issues to a Data Recovery Plan Contact names for emergency coordinators who will execute the disaster recovery response Details on which data and servers are being backed up, how frequently backups occur, where backups are kept, and how backup data can be recovered in full Details on network topology, redundancy, and agreements with national service carriers Regular strategies for testing the disaster recovery plan Plan for managing the crisis