
CompTIA Network+ Certification Study Guide part 51 ppt


CHAPTER 10: Network Management 486

FIGURE 10.4 A Simple Physical Network Diagram. Image courtesy of Mark R Lindsey, mark@lindsey.name

FIGURE 10.3 A Confusing Network Diagram. Image courtesy of olimould.com

Configuration Management 487

assistance of network diagram software like Microsoft Visio, SmartDraw, and/or AutoCAD.

Many physical network diagrams, as represented in Figure 10.5, have the site name, location, type of physical media connecting each site, and the speed at which the site link is running. Physically laying out your network devices will help you conserve time and money when you finally do decide to create or troubleshoot network issues.

Logical Network Diagrams

Logical network diagrams depict how your network looks from a computer’s point of view and not as a physical structured layout as we might see it in our server rooms. Protocols, configurations, IP addressing, subnets, access control lists, security devices (firewalls, virtual private networks [VPNs], and so on), and applications are all logically associated with a computer network and are drawn into logical network diagrams. Notice Figure 10.6 does not show any of the physical characteristics of Figure 10.5. In fact, Figure 10.6 has details such as IP addresses, subnets, firewalls, and logical network paths in and out of different subnets, which are logical.

FIGURE 10.5 A Complex Physical Network Diagram. Image courtesy of Cisco.com

FIGURE 10.6 A Logical Network Diagram. Image courtesy of Dustin L Fritz

Baselines

Identifying how networks operate under “normal” conditions might help you recognize performance, collision, and utilization issues when comparing your “normal” conditions to previous periods of operation.

Over a period of time you should document the pattern of “normal” behavior in your environment, which is called a baseline. Baselines should be tracked at particular times of day. Baselining activities may include when servers reach maximum allocation, when a router and switch have the highest activity during the day, and when users are most likely to surf the Internet. Creating a baseline early and continuing to do analysis on this baseline will help you understand your network better, which assists in identifying problems earlier in the troubleshooting process.

Choosing a baseline method can depend on the size of your network and how many users you have. There are free tools on the Internet that can assist with collecting network statistics, which can then be used to output statistical reports for later analysis. Many baseline tools collect and monitor activity on the network, as well as on various hardware components such as CPU, memory, hard drive, and network interface cards (NICs). Other hardware baseline applications are placed in between Wide Area Network (WAN) links to simply measure throughput, check for packet errors, and identify bottlenecks. Figure 10.7 is an example of a network baseline tool.
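The point that baselines should be tracked at particular times of day can be shown in a few lines. This is an added example, not code from the study guide: the utilization figures are constructed, and the function names, the three-standard-deviation tolerance and the minimum spread are assumptions chosen for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample data: (hour_of_day, link utilization in percent) taken
# on several previous days. These are illustrative values, not measurements.
HISTORY = [
    (9, 41.0), (9, 44.0), (9, 39.0), (9, 43.0), (9, 42.0),
    (13, 62.0), (13, 66.0), (13, 64.0), (13, 61.0), (13, 65.0),
    (2, 5.0), (2, 6.0), (2, 4.0), (2, 5.5), (2, 4.5),
]

def build_baseline(samples):
    """Group samples by hour and return {hour: (mean, standard deviation)}."""
    by_hour = defaultdict(list)
    for hour, value in samples:
        by_hour[hour].append(value)
    return {h: (mean(v), pstdev(v)) for h, v in by_hour.items()}

def check_reading(baseline, hour, value, tolerance=3.0, min_spread=1.0):
    """Compare one reading with the baseline for the same hour of day.

    Returns 'no-baseline', 'normal', or 'deviation'. min_spread (an assumed
    floor) stops a very steady hour from flagging every small change.
    """
    if hour not in baseline:
        return "no-baseline"
    avg, spread = baseline[hour]
    allowed = tolerance * max(spread, min_spread)
    return "normal" if abs(value - avg) <= allowed else "deviation"

if __name__ == "__main__":
    baseline = build_baseline(HISTORY)
    # The same 63% reading is normal at 13:00 but a deviation at 02:00.
    for hour, value in [(13, 63.0), (2, 63.0), (9, 12.0), (20, 30.0)]:
        result = check_reading(baseline, hour, value)
        print(f"{hour:02d}:00 {value:5.1f}% -> {result}")
```

A single all-day average would hide the 02:00 reading, which is why the baseline is keyed by hour.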

FIGURE 10.7 A Network Baseline Tool. Image courtesy of PacketTrap Perspective

Policies, Procedures, and Configurations

Network management would be impossible without policies, procedures, and configurations. A calculated plan of action to guide decisions and achieve sound outcomes is the goal of creating and adhering to policies, procedures, and configurations. Security vulnerabilities and network management challenges are the outcomes of badly written or nonexistent policies.

To prevent this, consider how network technicians create user accounts. If each network technician created user accounts differently, you would have a lot of problems troubleshooting user account issues because none of the accounts are configured off a standard guideline. Policies provide guidelines on who can create user accounts, for instance. Procedures are much more than guidelines. Procedures lay out each step needed to accomplish a task. For example, when creating a user account, the user ID may be the person’s last name and first initial and not to exceed eight characters. Detailed steps with procedures help execute policies.

Common policies might address the following:

End user license agreement

Network access and user accounts

Proper destruction of network devices (that is, printers)

Creating of administrative and user passwords

Periodic backups for servers and clients

Termination of user account access

Third party software authorization

User account lockout and account disabling

Missing or corrupt computer files

Malicious code discovery by users

Natural disaster affecting network connectivity

Software management and storage

IP addressing scheme for contractors

Computer naming convention for servers

Network sharing programs for users

WAN troubleshooting techniques

Federal and state computer fraud hotline

Regulations

Regulations are very important to plan and establish your local policies and procedures because many organizations are held to state and federal regulations, which will affect their responsibilities as a public/private, for profit, or not-for-profit business.

Communications Assistance for Law Enforcement Act (CALEA) requires telecommunications companies and equipment industries to allow for surveillance capabilities. See report in Figure 10.8. The Federal Communications Commission (FCC) periodically releases reports establishing new regulations. In Figure 10.8, this report requires certain broadband and VoIP providers to accommodate wiretaps. Visit http://www.fcc.gov/calea/ for more details.

FIGURE 10.8 FCC CALEA Report.

Other important regulations:

Health Insurance Portability and Accountability Act (HIPAA) – “The Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information, and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety.” http://www.hhs.gov/ocr/privacy/index.html

Sarbanes-Oxley Act of 2002 – “On July 30, 2002, President Bush signed into law the Sarbanes-Oxley Act of 2002, which he characterized as “the most far reaching reforms of American business practices since the time of Franklin Delano Roosevelt.” The act mandated a number of reforms to enhance corporate responsibility, enhance financial disclosures, and combat corporate and accounting fraud, and created the “Public Company Accounting Oversight Board,” also known as the PCAOB, to oversee the activities of the auditing profession.” http://www.sec.gov/about/laws.shtml#sox2002

ISO/IEC 27002:2005 – “… establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management …” The control objectives and controls in ISO/IEC 27002:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 27002:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in interorganizational activities …, best practices of control objectives and controls in the following areas of information security management:

Security policy

Organization of information security

Asset management

Human resources security

Physical and environmental security

Communications and operations management

Access control

Information systems acquisition, development, and maintenance

Information security incident management

Business continuity management

Compliance

http://www.iso.org/iso/iso_catalogue/catalogue_tc/catalogue_detail.htm?csnumber=50297

Network Monitoring 493

NETWORK MONITORING

Network monitoring is a great way to identify performance and connectivity issues. Using a tool called a packet sniffer allows you to collect all the data that is being transmitted to and from your computer or between routers. The advantage to collecting individual packets is that you will have insight and detailed inspection of how and why certain traffic is not working. For instance, in Figure 10.9 you can see someone is viewing a Web site. If you are told by a user that they cannot access the Internet, you can confirm it by collecting packets from the network using a packet sniffer or possibly discover that they really are surfing the Internet. HTTP traffic is very easy to identify in Figure 10.9 because it is presented to you with “http” and the associated port number of 80. Along with that is the IP address that is captured in the packet. Using packet sniffers is truly remarkable because you can quickly identify a network performance problem because you are seeing everything at the packet level come across your network.

FIGURE 10.9 Wireshark, an Open Source Packet Sniffer also known as Network Protocol Analyzer.*

*Download Wireshark for free at http://www.wireshark.org
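What a protocol analyzer does to show “http”, port 80 and the IP addresses can be reproduced on a single captured frame. The following is an added example, not taken from the study guide or from Wireshark: the frame is constructed in the code with documentation-range addresses, and `parse_frame` and `build_sample_frame` are hypothetical helper names.

```python
import socket
import struct

def parse_frame(frame: bytes):
    """Parse an Ethernet II frame carrying IPv4/TCP.

    Returns a dict with addresses, ports and a service guess, or None if the
    frame is not IPv4/TCP or is too short to hold the headers it claims.
    """
    if len(frame) < 14 + 20:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:                 # not IPv4
        return None
    ip = frame[14:]
    version, ihl = ip[0] >> 4, (ip[0] & 0x0F) * 4
    if version != 4 or ihl < 20 or len(ip) < ihl + 20:
        return None
    if ip[9] != 6:                          # IP protocol 6 = TCP
        return None
    src = socket.inet_ntoa(ip[12:16])
    dst = socket.inet_ntoa(ip[16:20])
    sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
    # Port-based guess only: port 80 suggests HTTP but does not prove it.
    service = "http" if 80 in (sport, dport) else "other"
    return {"src": src, "dst": dst, "sport": sport, "dport": dport,
            "service": service}

def build_sample_frame(src, dst, sport, dport):
    """Construct a minimal frame for the demo (checksums left at zero)."""
    eth = bytes(6) + bytes(6) + struct.pack("!H", 0x0800)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return eth + ip + tcp

if __name__ == "__main__":
    web = build_sample_frame("192.0.2.10", "198.51.100.7", 49152, 80)
    print(parse_frame(web))        # service: http
    print(parse_frame(web[:30]))   # truncated capture -> None
```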

Just as documentation on configurations and changes can be helpful in solving problems with your network, so can the logs generated by the software running on these machines. Logs are records of events that have occurred and actions that were taken. Many systems will provide logs that will give automated information on events that have occurred, including accounts that were used to log on, activities performed by users and by the system, and problems that transpired. These details make logs a valuable tool when troubleshooting problems and identifying adverse incidents (such as intrusions to the system).

On many systems, the logs may be simple text files that are saved to a location on the local hard drive or a network server. In other cases, the system will provide a specific tool for viewing the information. For example, in Windows NT, 2000, 2003, and XP, a tool called Event Viewer is used to view a series of logs generated by the operating system. As shown in Figure 10.11, Event Viewer allows you to view data stored in the following:

Application log: Contains events that are logged by individual programs or applications installed on the operating system.

Security log: Displays possible security issues that the operating system monitors. This includes valid and invalid log-on attempts, the use of a specific resource by an audited user, and other actions related to security.

System log: Displays events logged by the system components of the operating system. Information stored in this log includes facts about drivers that failed to load properly, warnings on low disk space and memory, remote access attempts, and other information on the system itself.

Each of the logs in Event Viewer can be accessed by clicking on the corresponding node in the left pane of the application. When a log is selected, the individual events recorded in the log are displayed in the right pane of the application (Figure 10.10). To view specific information about an event, you simply double-click its entry in the right pane. Logs are also created by other software and devices installed on a computer, or generated by devices that have been configured to write information to a file stored on a particular computer. For example, firewall software installed on a server would maintain its own records of users accessing specific Web sites, downloaded files, attempts to access restricted resources, and other information. In the same way, a door lock system may require a personal identification number (PIN), biometrics, or a card key before access is granted to the building. Such systems commonly record authorized and denied entry attempts to a file or series of files on a specific computer. In each of these cases, the logs provide a record that can be reviewed in the event of a security breach or other problems.
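Reviewing a text log of valid and invalid log-on attempts, as described above, can be automated. This is an added example, not code from the study guide: the log format and its lines are constructed, and the threshold of three failures in five minutes and the function names are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a made-up "timestamp event key=value" format.
SAMPLE_LOG = """\
2024-05-01T08:00:03 LOGON_OK user=akhan src=192.0.2.20
2024-05-01T08:01:10 LOGON_FAILED user=jsmith src=192.0.2.15
2024-05-01T08:01:25 LOGON_FAILED user=jsmith src=192.0.2.15
2024-05-01T08:01:41 LOGON_FAILED user=jsmith src=192.0.2.15
2024-05-01T08:02:02 LOGON_OK user=jsmith src=192.0.2.15
2024-05-01T09:30:00 LOGON_FAILED user=akhan src=192.0.2.20
this line is damaged and must be skipped
2024-05-01T13:45:00 LOGON_FAILED user=akhan src=192.0.2.20
"""

def parse_line(line):
    """Return (time, event, fields) or None for a line that does not parse."""
    parts = line.split()
    if len(parts) < 3:
        return None
    try:
        when = datetime.fromisoformat(parts[0])
    except ValueError:
        return None
    fields = dict(p.split("=", 1) for p in parts[2:] if "=" in p)
    return when, parts[1], fields

def review(log_text, threshold=3, window=timedelta(minutes=5)):
    """Map each user with `threshold` failures inside `window` to a finding."""
    recent = defaultdict(list)   # user -> times of failures still in window
    flagged = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None or "user" not in parsed[2]:
            continue
        when, event, fields = parsed
        user = fields["user"]
        recent[user] = [t for t in recent[user] if when - t <= window]
        if event == "LOGON_FAILED":
            recent[user].append(when)
            if len(recent[user]) >= threshold:
                flagged.setdefault(user, "failures")
        elif event == "LOGON_OK" and user in flagged and recent[user]:
            flagged[user] = "failures-then-success"
    return flagged

if __name__ == "__main__":
    print(review(SAMPLE_LOG))
```

A burst of failures followed by a success on the same account is reported separately because it is the pattern most worth a closer look; two failures hours apart, as for the second account, are not flagged.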

FIGURE 10.10 Windows XP Event Viewer.

Password Lists

Passwords are access codes that use alphanumeric and special characters that allow you to log onto operating systems, software, or specific files. Over the years, you’ve probably heard that passwords shouldn’t be written down, and should only be remembered. This is generally true in most cases, as it would be unwise to have passwords written on little pieces of paper and carried in wallets, left on desks, or stuck to the monitors of computers. However, there may be times when you’re unavailable and other members of the IT staff need a particular password to fix a problem. Because of this, passwords should also be documented so others can use them.

Password lists should contain all of the passwords used to perform administrative or maintenance tasks on the network. This includes passwords for:

The administrator account on servers and workstations

Accounts that have access to modify other accounts, in case management of network accounts is needed

Date posted: 04/07/2014, 13:21
