Mar 20, 2008

Web, SNMP, admin, firewalls

Web, SNMP, admin, firewalls

Miscellaneous

Web Services

Terms:

  • Intranet - Refers to using internet technologies such as a web server on an internal network.
  • HTTP - Hypertext Transfer Protocol is the protocol used to communicate between web servers and web browser software clients.
  • NNTP - Network News Transport Protocol is used to link newsgroups for discussions on the web.
  • FTP - File Transport Protocol is used to transfer files between computers.

SNMP

Network management consists of network management stations communicating with network elements such as hosts, routers, servers, or printers. The agent is the software on the network element (host, router, printer) that runs the network management software. Therefore when the word agent is used it is referring to the network element. The agent will store information in a management information base (MIB). Management software will poll the various network devices and get the information stored in them. RFC 1155, 1157, and 1213 define SNMP with RFC 1157 defining the protocol itself. The manager uses UDP port 61 to send requests to the agent and the agent uses UDP port 62 to send replies or messages to the manager. The manager can ask for data from the agent or set variable values in the agent. Agents can reply and report events.

There are three supporting pieces to TCP/IP network management:

  1. Management Information BASE (MIB) specifies variables the network elements maintain.
  2. A set of common structures and a way to reference the variables in the database.
  3. The protocol used to communicate between the manager and the network element agent which is SNMP.
  • Managed devices - An agent runs on the devices to collect information to be sent to the Management console.
  • Management console - where the network management information is stored and managed.
  • Proxy agent - Performs functions for devices that cannot run agents such as printers.

Microsoft's Systems Management Server (SMS)

Used to monitor, administer, and manage large networks. It includes:

  • Inventory Management - Creates a SQL Server Database with information about processor use, RAM, applications, disk use, and operating systems.
  • Software Distribution - Installation and configuration of software upgrades can be automated.
  • Shared Application Management - Updates routing information automatically on clients when applications are moved.
  • Remote Control and Network Monitor -Used to control and monitor remote clients.

Firewalls

Types of firewalls:

  1. Packet Filtering - Blocks selected network packets.
  2. Circuit Level Relay - SOCKS is an example of this type of firewall. This type of proxy is not aware of applications but just cross links your connects to another outside connection. It can log activity, but not as detailed as an application proxy. It only works with TCP connections, and doesn't provide for user authentication.
  3. Application Proxy Gateway - The users connect to the outside using the proxy. The proxy gets the information and returns it to the user. The proxy can record everything that is done. This type of proxy may require a user login to use it. Rules may be set to allow some functions of an application to be done and other functions denied. The "get" function may be allowed in the FTP application, but the "put" function may not.

Proxy Servers can be used to perform the following functions.

  • Control outbound connections and data.
  • Monitor outbound connections and data.
  • Cache requested data which can increase system bandwidth performance and decrease the time it takes for other users to read the same data.

Application proxy servers can perform the following additional functions:

  • Provide for user authentication.
  • Allow and deny application specific functions.
  • Apply stronger authentication mechanisms to some applications.

Administration

Terms:

  • Workgroup - A means of categorizing machines into groups for easier management. Microsoft recommends that a domain be used to handle management rather than a workgroup when the size of the group is 10 or more.
  • Domain - With regard to administration it is not the same as a domain as referenced on the internet and by DNS, it is a means to group computers together on a network to manage them and their users.
  • Primary Domain Controller (PDC) - Contains a database with user information and is used to authenticate users when access to network resources is requested.
  • Backup Domain Controller (BDC) - The PDC sends its database to this controller and it will operate as PDC if the PDC fails.
  • Share level security - There is a password for each network resource. There is no central control of network access.
  • User level security - Access to network resources is managed on a user basis. There is a central PDC server with a list of user accounts which provides authentication.

Learn about user auditing in NT.

NT supports the following types of groups:

  • Local groups - Rights and permission is granted only to use resources on the local domain. Members of trusted domains can be added to local groups in Windows NT, but normally only local members are added to the local group.
  • Global Groups - Several user accounts from a domain grouped in one account name. They can only contain user accounts from the single domain that created the global group.
  • Special Groups - Used by internal processes in the operating system to provide service such as e-mail and task scheduling.
  • Built-in Groups - Used to do maintenance and administrative work. Typical groups are:
    • Administrative - They have full access to the network and can start and shut down servers. They can create, delete, and modify user accounts, local groups, and global groups.
    • Operator - Have the ability to perform some administrative tasks such as file maintenance, and data backup and recovery.
    • Others - Other capabilities include management of department, or printer accounts.

NT uses a tool called "User Manager for Domains" to add and maintain user accounts.

Perfmon

Performance Monitor (perfmon) is a utility with Windows NT Server and Workstation which allows tracking of multiple system parameters monitoring of network performance. It can monitor microprocessor use, hard drive use, memory use, and much more.

Processor Utilization

  • Percent processor time
  • Processor queue length which indicates the number of processes in queue to be run.

Windows NT counts for memory page faults and pages retrieved from virtual memory every second:

  • Page faults per second which is the number of times a page was not found in real memory.
  • Pages per second is the number of pages retrieved per second to satisfy page faults.

Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Popular Posts