Presentation is loading. Please wait.

Presentation is loading. Please wait.

IST346: Workstations. Agenda  Look at the computer from the administration viewpoint.  Discuss common workstation operating systems  Discuss computer.

Published byCory Rich Modified over 9 years ago

Similar presentations

Presentation on theme: "IST346: Workstations. Agenda  Look at the computer from the administration viewpoint.  Discuss common workstation operating systems  Discuss computer."— Presentation transcript:

1 IST346: Workstations

2 Agenda  Look at the computer from the administration viewpoint.  Discuss common workstation operating systems  Discuss computer workstations, their role in organizations, and strategies for their administration.

3 Workstations

4 Do you own a computer?  How long did it take you to install all the “stuff” you need on it?  Did you do it yourself or did someone else assist you?  Do you backup your data?  If you lost your hard disk right now, how long would it take to get everything back?

5 Now imagine being responsible for these computers.

6 What is a workstation?  A workstation is a computer dedicated to a single customer’s work.  Typically a notebook or desktop computer  Components of a workstation: Computer Hardware Operating System Software Applications Customizations

7 Workstation configuration Per End User roles  Task worker –  Use IT to perform their job specific job function.  Easy to manage in numbers of users, since the IT role is well defined.  Eg. Call centers operators, insurance claims, accounting clerks  Knowledge worker –  Use IT to create knowledge and solve problems  Challenging to manage in quantity users since each user has unique needs.  Eg. College professors, business analysts, systems administrators  The configuration of the workstation is dependent on the role of the end user.  The effort associated with supporting workstations depends on the number of different roles as opposed to the quantity of actual users

8 IT Economics: Workstation Lifecycle Mgmt  Goal: How do you budget adequately for workstations?  #1 Project how long the workstation will last?  3 years? 4 years? 6 years?  #2 Calculate the direct costs of the workstation  #3 Annual budget = #2 divided by #1 Example: A Computer lab workstation Costs $2000 in hardware & software and has a useful expectancy of 4 years. You should budget $2000/4 = $500/year.

9 Evard’s Cycle (for Workstation configs) New Clean Off Configured Unknown Build Rebuild Update Init. Retire Entropy Debug

10 Workstation management is difficult. Hence, our sponsor of the week…

11 The Microsoft for the next decade.

12 Approaches to Building workstations  Manual  Most error prone and time consuming method  Documented manual processes are less error prone, but still time consuming  Unattended  Automating the manual process  Windows: Unattended / Group Policy, Linux Kickstart / yum.  Cloning  Duplicating the disk of a clean computer  Some automation required to get to configured state.  Eg. Ghost, Acronis, Clonezilla

13 Techniques to minimize entropy  Reactive approaches:  Anti virus / Anti Malware software  Desktop firewalls  “Undo” software: deepfreeze, steady state  Proactive approaches:  Apply automate changes, updates and patches using the one – some - many approach  Principle of least privilege –give the user only enough access to operate the system, not change it.  A combination of all of these approaches is the best method.

14 The Harsh Reality of “Least Privilege”  The more rights the user has to the workstation, the more quickly the system will suffer entropy.  Users who are not Administrators or root cannot install software and change many of the system-wide configurations. This greatly helps reduce inadvertent changes to the system and malware installs.  Some configurations are difficult to use under least privilege (Windows on a notebook)  Better approaches are becoming available:  Windows: User-Account-Control  Linux: sudo

15 The automated update process  One – Some – Many  One. Test the automated update on one computer (usually a test machine). Document the impact of the update.  Some. Apply the update to a few computers. Usually, the reaming test machines of various configurations and always to the computers in the IT department. (We call this dogfooding – eating your own dog food.)  Many. Apply the update to the rest of the organization, making sure to inform users of the potential impact of the update.

16 Automated Patch Management Options For Popular Operating Systems  Windows  WSUS: (Windows Software update Services)  For One System: wuauclt.exe /resetauthorization /detectnow  For Some / Many: (WSUS Server) http://technet.microsoft.com/en-us/wsus/default.aspxhttp://technet.microsoft.com/en-us/wsus/default.aspx  Linux  Yum (Yellow dog Update Manager)  For One System: yum update  For Some / Many: (Roll your own yum repository) http://www.linux.com/archive/feature/37660 http://www.linux.com/archive/feature/37660

17 Customizations  Customizations are the final step in the build process. For all the things that are the same about a computer, there need to be certain things that are unique to each system.  What needs to be customized?  Name of computer  IP address of computer  SID (Security identifier) of a windows computer  Other settings based on the computer’s role:  Is it a lab workstation?  Is it a notebook?  Etc…

18 Automating Customizations  There are numerous tools for automating customizations.  Customize IP Address, using the DHCP service to dynamically assign an IP address at startup.  Computer Name / host name, using the DNS service which resolves IP addresses to host names.  For windows operating systems the Sysprep tool can assist with computer naming and SID (security identifier generation).  Startup scripts can help with the last bit of customizations  If you’re lucky.  It is just as important to automate customizations as it is to automate the build process.  Example: ghostreg system for the iSchool labs

19 Automated Customization Example: GhostReg  A home-grown customization utility for computers that are imaged with Ghost.  The Mac Address (Unique 48-bit number embedded into the computer’s network card) is used to identify the physical computer.  After imaging is complete Script run to  Generate a new SID,  Read desired computer name from Ghostreg database,  Assign desired computer name to computer, and  Add computer to active directory in the appropriate place, which in turn controls any additional configurations.

20 References / Further Reading  TPOSANA  Ch. 3  Least Privilege (great links in article)  http://en.wikipedia.org/wiki/Principle_of_least_privilege http://en.wikipedia.org/wiki/Principle_of_least_privilege  DHCP  DHCP FAQ: http://www.dhcp-handbook.com/dhcp_faq.htmlhttp://www.dhcp-handbook.com/dhcp_faq.html  DNS  Brain, Marshall. "How Domain Name Servers Work." 01 April 2000. HowStuffWorks.com. http://computer.howstuffworks.com/dns.htm 19 August 2009. http://computer.howstuffworks.com/dns.htm

21 Questions?

Download ppt "IST346: Workstations. Agenda  Look at the computer from the administration viewpoint.  Discuss common workstation operating systems  Discuss computer."

Similar presentations

Planning Server Deployments

Planning Server Deployments
1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.

1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.
1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.

1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.
14.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.

14.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft Windows Server 2003 Active Directory Infrastructure.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 1: Introduction to Windows Server 2003.
Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.

Chapter 8 Chapter 8: Managing the Server Through Accounts and Groups.
Copyright Anthony K. Holden, 2003. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,

Copyright Anthony K. Holden, This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial,
Installing software on personal computer

Installing software on personal computer
Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.

Installing and Maintaining ISA Server. Planning an ISA Server Deployment Understand the current network infrastructure Review company security policies.
© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Strategies in Linux Platforms and.

© 2013 Jones and Bartlett Learning, LLC, an Ascend Learning Company All rights reserved. Security Strategies in Linux Platforms and.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 14: Problem Recovery.
Ch 8-3 Working with domains and Active Directory.

Ch 8-3 Working with domains and Active Directory.
Ch 11 Managing System Reliability and Availability 1.

Ch 11 Managing System Reliability and Availability 1.
Module 1: Installing Windows XP Professional. Overview Manually Installing Windows XP Professional Automating a Windows XP Professional Installation Using.

Module 1: Installing Windows XP Professional. Overview Manually Installing Windows XP Professional Automating a Windows XP Professional Installation Using.
Chapter 2: Installing and Upgrading to Windows Server 2008 R2 BAI617.

Chapter 2: Installing and Upgrading to Windows Server 2008 R2 BAI617.
Chapter Three OPERATING SYSTEMS.

Chapter Three OPERATING SYSTEMS.
Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.

Fundamentals of Networking Discovery 1, Chapter 2 Operating Systems.
Your Interactive Guide to the Digital World Discovering Computers 2012.

Your Interactive Guide to the Digital World Discovering Computers 2012.
Cyber Patriot Training

Cyber Patriot Training
by Limoncelli, Hogan, & Chalup

by Limoncelli, Hogan, & Chalup

Similar presentations

Ads by Google