Network+ Guide to Networks, Chapter 15 Review
Network Management
In this book, you
have learned the technologies and techniques necessary to design an efficient, fault-tolerant,
and secure network. However, your work isn’t finished once all the clients,
servers, switches, routers, and gateways have been installed. After a network
is in place, it requires continual review and adjustment. A network, like any
other complex system, is in a constant state of flux. Whether the changes are
caused by internal factors, such as increased demand on the server’s processor,
or external factors, such as the obsolescence of a router, you should count on
spending a significant amount of time investigating, performing, and verifying
changes to your network. In this chapter, you will learn about changes dictated
by immediate needs as well as those required to enhance the network’s
functionality, growth, performance, or security. You’ll also learn how best to
implement those changes.
Fundamentals of Network Management
Network management
is a general term that means different things to different networking professionals.
At its broadest, network management refers to the assessment, monitoring, and maintenance
of all aspects of a network. It can include checking for hardware faults,
ensuring high QoS (quality of service) for critical applications, maintaining
records of network assets and software configurations, and determining what
time of day is best for upgrading a router. The scope of network management
techniques differs according to the network’s size and importance. On some
large networks, for example, administrators run network management applications
that continually check devices and connections to make certain they respond within
an expected performance threshold. If a device doesn’t respond quickly enough
or at all, the application automatically issues an alert that pages the network
administrator responsible for that device. On a small network, however,
comprehensive network management might not be economically feasible. Instead,
such a network might run an inexpensive application that periodically tests
devices and connections to determine only whether they are still functioning. Several
disciplines fall under the heading of network management, including topics
discussed in previous chapters, such as posture assessments. All share the
goals of enhancing efficiency and performance while preventing costly downtime
or loss. Ideally, network management accomplishes this by helping the
administrator predict problems before they occur. For example, a trend in
network usage could indicate when a switch will be overwhelmed with traffic. In
response, the network administrator could increase the switch’s processing
capabilities or replace the switch before users begin experiencing slow or
dropped connections. Before you can assess and make predictions about a
network’s health, however, you must first understand its logical and physical
structure and how it functions under typical conditions.
Documentation
Throughout this book, you have witnessed and
read about different types of network documentation. For example, in Chapter
13’s discussion of troubleshooting, you learned that keeping a record of a problem
and its solution helps to prevent similar problems from recurring, or at least
helps technicians deal with it if it does recur. In this section and in the rest
of this chapter, you’ll learn about other types of documentation that
contribute to sound network management.
The way you format and store your
documentation can vary, but to adequately manage your network, you should at
least record the following:
Physical topology—Which types of LAN and WAN topologies does your network use:
bus, star, ring, hybrid, mesh, or a combination of these? Which type of
backbone does your network use—collapsed, distributed, parallel, serial, or a
combination of these? Which type and grade of cabling does your network use?
What types of cables are used and where are they located?
Access method—Does your network use Ethernet (802.3), Wi-Fi (802.11),
WiMAX (802.16), cellular, satellite, or a mix of transmission methods? What
transmission speed(s) does it provide? Is it switched?
Protocols—Which protocols are used by servers, nodes, and
connectivity devices?
Devices—How many of the following devices are connected to your
network—switches, routers, gateways, firewalls, access points, servers, UPSs,
printers, backup devices, and clients? Where are they located? Are they physical
or virtual? If physical, what are their model numbers and vendors?
Operating systems—Which network and desktop operating systems appear on the
network? Which versions of these operating systems are used by each device?
Which type and version of operating systems are used by connectivity devices
such as routers?
Applications—Which applications are used by clients and servers? Where
do you store the applications? From where do they run?
Configurations—What versions of operating systems and applications does
each workstation, server, and connectivity device run? How are these programs
configured? How is hardware configured? The collection, storage, and assessment
of such information belong to a category of network management known as
configuration management. Ideally, you would rely on configuration management
software to gather and store the information in a database, where those who
need it can easily access and analyze the data.
If you have not already collected and
centrally stored the answers to the questions just listed, it could take the efforts of
several people and several weeks to compile them, depending on the size and
complexity of your network. This evaluation involves visits to the
telecommunications and equipment rooms, an examination of servers and desktops,
a review of receipts for software and hardware purchases, and, potentially, the
use of a protocol analyzer or network management software package. Though it
requires effort, documenting all aspects of your network promises to save work
in the future. After you have compiled the information, organize it into a
database that can be easily updated and searched. That way, staff can access
the information in a timely manner and keep it current. Understanding
conventions for network documentation can make your task easier.
In this book, you have seen many instances of
network diagrams, which are graphical representations of a network’s devices
and connections. Network diagrams can be as varied as the engineers who create
them. Some adhere strictly to the network’s physical layout and label each connection.
Some represent only the logical topology. Others, like many of the figures in this
book, are more general or designed to highlight one critical part of a network,
such as its perimeter. These might depict an internal network of hundreds of
clients with only a few clients within a circle labeled “internal network,” for
example. You could sketch your network diagram on the back of a napkin or draw
it on your computer using a graphics program. However, many people use software
designed for mapping networks, such as Dia, Edraw, Gliffy, Microsoft Visio, or
Network Notepad. Such applications come with icons that represent different
types of devices and connections. Soon after entering the world of network
engineering, you’ll recognize certain icons that Cisco Systems has created and
made popular. Because of its status in the networking world and the volume of
networking hardware it sells, Cisco has set trends for network diagramming.
Like the “Walk” or “Don’t Walk” signs that are understood on street corners
around the globe, Cisco’s symbols for routers, switches, firewalls, and other
devices are widely accepted and understood in the networking field. Figure 15-1
shows a simplified network diagram that uses Cisco’s iconography, with each
device labeled. Notice that a router is represented by a hockey-puck shape with
two arrows pointing inward and two arrows pointing outward. A wireless router
looks the same, but has two antennas attached. A workgroup switch is represented
by a small rectangular box, which also contains two arrows pointing inward and
two arrows pointing outward. Most network diagrams provide broad snapshots of a
network’s physical or logical topology. This type of view is useful for planning
where to insert a new switch or determining how a particular router, gateway,
and firewall interact. However, if you’re a technician who needs to find a
fault in a client’s wired connection to the LAN, a broad overview might be too
general. Instead, you need a wiring schematic. A wiring schematic is a
graphical representation of a network’s wired infrastructure. In its most
detailed form, it shows every wire necessary to interconnect network devices.
Some less-detailed wiring schematics might use a single line to represent the
group of wires necessary to connect several clients to a switch. Figure 15-2 provides
an example of a detailed wiring schematic for a small office network connection
that relies on cable broadband service to access the Internet. Documenting and
capturing an accurate picture of your network’s physical and logical elements are
initial steps in understanding the network. Next you need to know how it
routinely performs.
Baseline Measurements
As you learned in Chapter 13, a baseline is a
report of the network’s current state of operation. Baseline measurements might
include the utilization rate for your network backbone, number of users logged
on per day or per hour, number of protocols that run on your network,
statistics about errors (such as runts, collisions, jabbers, or giants),
frequency with which networked applications are used, or information regarding
which users take up the most bandwidth. The graph in Figure 15-3 shows a sample
baseline for daily network traffic over a six-week period. Baseline
measurements allow you to compare future performance increases or decreases caused
by network changes or events with past network performance. Obtaining baseline measurements
is the only way to know for certain whether a pattern of usage has changed (and
requires attention) or, later, whether a network upgrade made a difference.
Each network requires its own approach. The elements you measure depend on
which functions are most critical to your network and its users. For instance,
suppose that your network currently serves 500 users and that your backbone traffic
exceeds 50% at 10:00 a.m. and 2:00 p.m. each business day. That pattern
constitutes your baseline. Now suppose that your company decides to add 200
users who perform the same types of functions on the network.
The added number of users equals 40% of the
current number of users (200/500). Therefore, you can estimate that your
backbone’s capacity should increase by approximately 40% to maintain your
current service levels. The more data you gather while establishing your
network’s baseline, the more accurate your prediction will be. Network traffic
patterns might be difficult to forecast because you cannot predict users’
habits, effects of new technology, or changes in demand for resources over a given
period of time. For instance, the preceding example assumed that all new users
would share the same network usage habits as the current users. In fact,
however, the new users may generate a great deal more, or a great deal less, network
traffic. How do you gather baseline data on your network? Although you could
theoretically use a network monitor or network analyzer and record its output
at regular intervals, several software applications can perform the baselining
for you. These applications range from freeware available on the Internet to
expensive, customizable hardware and software combination products. Before
choosing a network-baselining tool, you should determine how you will use it.
If you manage a small network that provides only one critical application to
users, an inexpensive tool may suffice. If you work on a WAN with several
critical links, however, you should investigate purchasing a more comprehensive
package. The baseline measurement tool should also be capable of collecting the
statistics needed. For example, only a sophisticated tool can measure traffic
generated by each node on a network, filter traffic according to types of
protocols and errors, and simultaneously measure statistics from several
different network segments.
Policies, Procedures, and Regulations
Imagine you are the network administrator for
a large enterprise network and that you supervise eight network technicians who
are responsible for day-to-day installations, upgrades, and troubleshooting.
Unless you and your technicians agree on policies for adding new users, for
example, you might discover that some users have fewer access restrictions than
they ought to have or that logon IDs don’t follow a standard naming convention.
The former could cause security vulnerabilities, and the latter could make
future user management more challenging. Following rules helps limit chaos,
confusion, and possibly downtime for you and your users. Previous chapters of
this book have described policies, procedures, and regulations that make for
sound network management. They are summarized here:
Media installation and management—Includes designing the physical layout of a cable or
wireless infrastructure, choosing and following best practices for cable management,
testing the effectiveness of cable or wireless infrastructure, and documenting
cable layouts; see Chapters 3 and 8 for more information.
Network addressing policies—Includes choosing and applying an addressing scheme,
determining the use and limits of subnets, integrating an internal network’s addressing
with an external network’s, and configuring gateways for NAT; see Chapters 4
and 9 for more information.
Security-related policies—Includes establishing rules for passwords, limiting
access to physical spaces such as the data center, limiting access to shared
resources on the network, imposing restrictions on the types of files that are
saved to networked computers, monitoring computers for malware, and conducting
regular security audits; see Chapters 11 and 14 for more information.
Troubleshooting procedures—Includes following a methodology for troubleshooting network
problems and documenting their solutions; see Chapter 13 for more information.
Backup and disaster recovery
procedures—Includes establishing a method and schedule for making backups,
regularly testing the effectiveness of backups, assigning a disaster recovery
team and defining each member’s role, and choosing a disaster recovery strategy
and testing it; see Chapter 14 for more information.
In addition to internal policies, a network
manager must consider state and federal regulations that might affect her
responsibilities. In the United States, one such federal regulation is CALEA
(Communications Assistance for Law Enforcement Act), which requires
telecommunications carriers and equipment manufacturers to provide for
surveillance capabilities. CALEA was passed by Congress in 1994 after pressure
from the FBI, which worried that networks relying solely on digital
communications would circumvent traditional wiretapping strategies. In other
words, a phone call made using VoIP over a private WAN cannot be intercepted as
easily as a phone call made via the PSTN. Therefore, if you work at an ISP, for
example, your switches and routers must provide an interface for electronic
eavesdropping and your staff must be ready to allow authorities access to those
devices when presented with a warrant. A second significant federal regulation
in the United States is HIPAA (Health Insurance Portability and Accountability
Act), which was passed by Congress in 1996. One aspect of this regulation
addresses the security and privacy of medical records, including those stored
or transmitted electronically. If you work at any organization that handles
medical records, such as an insurance company, hospital, or transcription
service, you must understand and follow federal standards for protecting the
security and privacy of these records. HIPAA rules are very specific. They
govern not only the way medical records are stored and transmitted, but also
the policies for authorizing access and even the placement and orientation of workstations
where such records might be viewed. Many of the policies and procedures
mentioned in this section are not laws, but best practices aimed at preventing
network problems before they occur. The next section describes techniques for
detecting and managing network problems before they significantly impair access
or performance.
Fault and Performance Management
After documenting every aspect of your
network and following policies and best practices, you are ready to assess your
network’s status on an ongoing basis. This process includes both performance
management, or monitoring how well links and devices are keeping up with the
demands placed on them, and fault management, or the detection and signaling of
device, link, or component faults.
Network Management Systems
To accomplish both fault and performance
management, organizations often use enterprise-wide network management systems.
Hundreds of such tools exist. All rely on a similar architecture, in which at
least one network management console, which may be a server or workstation,
depending on the size of the network, collects data from multiple networked devices
at regular intervals, in a process called polling. Each managed device runs a
network management agent, a software routine that collects information about
the device’s operation and provides it to the network management application
running on the console. So as not to affect the performance of a device while
collecting information, agents do not demand significant processing resources. A
managed device may contain several objects that can be managed, including
components such as processor, memory, hard disk, NIC, or intangibles such as
performance or utilization.
For example, on a server, an agent can
measure how many users are connected to the server or what percentage of the
processor’s resources are used at any time. The definition of managed devices
and their data are collected in a MIB (Management Information Base). Agents
communicate information about managed devices via any one of several Application
layer protocols. On modern networks, most agents use SNMP (Simple Network
Management Protocol). SNMP is part of the TCP/IP suite of protocols and
typically runs over UDP on port 161 (though it can be configured to run over
TCP). Three versions of SNMP exist: SNMPv1, SNMPv2, and SNMPv3. SNMPv1 (Simple
Network Management Protocol version 1) was the original version, released in
1988. Because of its limited features, it is rarely used on modern networks.
SNMPv2 (Simple Network Management Protocol version 2) improved on SNMPv1 with
improved performance and slightly better security, among other features. SNMPv3
(Simple Network Management Protocol version 3) is similar to SNMPv2, but adds
authentication, validation, and encryption for packets exchanged between managed
devices and the network management console.
SNMPv3 is the most secure version of the
protocol. However, some administrators have hesitated to upgrade to SNMPv3
because it requires more complex configuration. Therefore, SNMPv2 is still
widely used. Most network management applications support multiple versions of
SNMP. Some managed devices, however, support only one version. Figure 15-4
illustrates the relationship between a network management application and managed
devices on a network. After data is collected, the network management
application can present an administrator with several ways to view and analyze
the data. For example, a popular way to view data is in the form of a map that
shows fully functional links or devices in green, partially (or less than
optimally) functioning links or devices in yellow, and failed links or devices
in red. An example of the type of map generated by a network performance
monitor is shown in Figure 15-5. Because of their flexibility, sophisticated
network management applications are also challenging to configure and
fine-tune. You have to be careful to collect only useful data and not an excessive
amount of routine information. For example, on a network with dozens of
routers, collecting SNMP-generated messages that essentially say “I’m still
here” every five seconds would result in massive amounts of insignificant data.
A glut of information makes it difficult to ascertain when a router in fact
requires attention. Instead, when configuring a network management application
to poll a router, you might choose to generate an SNMP-based message only when
the router’s processor is operating at 75% of its capacity or to measure only the
amount of traffic passing through a NIC every five minutes. Faults and
conditions that exceed certain thresholds can trigger alarms in network management
software. They can also be recorded by system and event logs, as described
next.
System and Event Logs
Virtually every condition recognized by an
operating system can be recorded. Records of such activity are kept in a log.
For example, each time your computer requests an IP address from the DHCP
server and doesn’t receive a response, this can be recorded in a log. Likewise,
a log entry can be added each time a firewall denies a host’s attempt to
connect to another host on the network that the firewall defends. Different
operating systems log different kinds of events by default. In addition,
network administrators can customize logs by defining conditions under which
new entries are created. For example, an engineer might want to know when the
relative humidity in a data center exceeds 60%. If a device can monitor this
information, the results can be written to a log. On Windows-based computers,
such a log is known as an event log and can be easily viewed with the Event
Viewer application. Figure 15-6 provides an example of data collected in the
event log on a workstation running the Windows 7 operating system. In the
Hands-On Projects at the end of this chapter, you will view an event log using
Windows Event Viewer.
Similar information is routinely recorded by
computers running Linux or UNIX via the syslog function. Syslog is a standard
for generating, storing, and processing messages about events on a system. It
describes methods for detecting and reporting events and specifies the format
and contents of messages. It also defines roles for each computer that participates
in logging events. For example, the computer that is monitored by a
syslog-compatible application and that issues event information is known as a
generator. The computer that gathers event messages from generators is known as
a collector. The syslog standard also establishes levels of severity for every
logged event. For example, “0” indicates an emergency situation and “7” simply
points to very specific information that might help in debugging a problem. Computers
running Linux and UNIX record syslog data in a system log. In general, newer versions
of Linux typically write their system logs to the file /var/log/messages, while
older versions of UNIX often write to a system log in the file /var/logs/syslog
and Solaris versions of UNIX write to a system log in the file /var/adm/messages.
To find out where various logs are kept on your UNIX or Linux system, view the /etc/syslog.conf
file (on some systems this is the /etc/rsyslog.conf file). The /etc/syslog.conf file is also where
you can configure the types of events to log and what priority to assign each
event. Bear in mind that the syslog function doesn’t alert you to any problems,
but it does keep a history of messages issued by the system. It’s up to you to
monitor the system log for errors. Most UNIX and Linux operating systems
provide a GUI application for easily viewing and filtering the information in
system logs. Other applications are available for sifting through syslog data
and generating alerts. In the Hands-On Projects at the end of this chapter,
you’ll view and sort through data in a system log. Much of the information
collected in event logs and system logs does not point to a problem, even if it
is marked with a warning. For example, you might have typed your password incorrectly
while trying to log on to your computer, thus generating a log entry. Using
these logs for fault management requires thoughtful data filtering and sorting.
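Added example (not from the book): one way to do the filtering and sorting described above. It decodes the severity from the <PRI> value that begins a syslog message on the wire (PRI = facility x 8 + severity), keeps messages at or above a chosen severity, and reports failed logons only when one source repeats them. The sample lines, host names, and the threshold of 3 are constructed for illustration.

```python
import re
from collections import Counter

# Severity names from the syslog standard: 0 is an emergency, 7 is debugging detail.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample messages in the classic "<PRI>timestamp host tag: text" layout.
SAMPLE_LINES = [
    "<34>Oct 11 22:14:15 fw01 kernel: DROP IN=eth0 SRC=203.0.113.9 DST=192.0.2.10 DPT=23",
    "<86>Oct 11 22:14:20 srv02 sshd[411]: Failed password for alice from 198.51.100.7",
    "<86>Oct 11 22:15:02 srv03 sshd[977]: Failed password for root from 198.51.100.44",
    "<86>Oct 11 22:15:03 srv03 sshd[977]: Failed password for root from 198.51.100.44",
    "<86>Oct 11 22:15:05 srv03 sshd[977]: Failed password for admin from 198.51.100.44",
    "<30>Oct 11 22:16:00 srv02 dhclient: DHCPDISCOVER on eth0, no response",
    "<11>Oct 11 22:17:41 srv02 envmon: relative humidity 63% exceeds limit 60%",
    "<191>Oct 11 22:18:00 srv02 app: cache refresh took 12 ms",
    "garbage line without a priority value",
]

LINE_RE = re.compile(
    r"^<(\d{1,3})>(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) ([^:\s]+): (.*)$"
)
FAILED_RE = re.compile(r"Failed password for \S+ from (\S+)")


def parse_line(line):
    """Return a dict for a well-formed message, or None if it cannot be parsed."""
    m = LINE_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # facility 23 * 8 + severity 7 is the largest valid value
        return None
    facility, severity = divmod(pri, 8)
    return {
        "facility": facility,
        "severity": severity,
        "level": SEVERITIES[severity],
        "time": m.group(2),
        "host": m.group(3),
        "tag": m.group(4),
        "text": m.group(5),
    }


def triage(lines, max_severity=4, fail_threshold=3):
    """Return (alerts, unparsed_count) for a batch of log lines.

    A message becomes an alert if its severity number is at or below
    max_severity (lower numbers are more urgent). A failed logon is routine
    on its own, so it is reported only when one source reaches
    fail_threshold failures against one host.
    """
    alerts, unparsed = [], 0
    failures = Counter()
    for line in lines:
        msg = parse_line(line)
        if msg is None:
            unparsed += 1
            continue
        if msg["severity"] <= max_severity:
            alerts.append((msg["severity"], msg["host"], msg["text"]))
        hit = FAILED_RE.search(msg["text"])
        if hit:
            failures[(msg["host"], hit.group(1))] += 1
    for (host, source), count in failures.items():
        if count >= fail_threshold:
            # Reported at warning level (4), an assumption made for this example.
            alerts.append((4, host, f"{count} failed logons from {source}"))
    alerts.sort(key=lambda a: a[0])  # most urgent first
    return alerts, unparsed


if __name__ == "__main__":
    found, skipped = triage(SAMPLE_LINES)
    for severity, host, text in found:
        print(f"{SEVERITIES[severity]:<8} {host:<6} {text}")
    print(f"{skipped} line(s) could not be parsed")
```

The single mistyped password for alice is dropped, while the three failures from one address against srv03 are reported together with the firewall and humidity messages.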
Traffic Shaping
When a network must handle high volumes of
network traffic, users benefit from a performance management technique known as
traffic shaping. Traffic shaping involves manipulating certain characteristics
of packets, data streams, or connections to manage the type and amount of
traffic traversing a network or interface at any moment. Its goals are to assure
timely delivery of the most important traffic while offering the best possible
performance for all users. Traffic shaping can involve delaying less-important
traffic, increasing the priority of more important traffic, limiting the volume
of traffic flowing in or out of an interface during a specified time period, or
limiting the momentary throughput rate for an interface. The last two techniques
belong to a category of traffic shaping known as traffic policing. An ISP might
impose a maximum on the capacity it will grant a certain customer. That way, it
ensures that the customer does not tie up more than a certain amount of the
network’s overall capacity. Traffic policing helps the service provider predict
how much capacity it must purchase from its network provider. It also holds
down costs because the ISP doesn’t have to plan for every client using all the
throughput he could at all times (an unlikely scenario). An ISP that imposes
traffic policing might allow customers to choose their preferred maximum daily
traffic volume or momentary throughput and pay commensurate fees. A more
sophisticated instance of traffic policing is dynamic and takes into account
the network’s traffic patterns. For example, the service provider might allow
certain customers to exceed their maximums when few other customers are using
the network. Figure 15-7 illustrates how traffic volume might appear on an
interface without limits compared with an interface subject to traffic
policing. A controversial example of traffic shaping came to light in 2007.
Comcast, one of the largest Internet service providers in the United States,
was found to be clandestinely discriminating against certain types of traffic.
For users uploading files to P2P
(peer-to-peer) networks such as BitTorrent, Comcast was interjecting TCP
packets with the RST (reset) field set. These packets were spoofed to appear as
if they originated from the accepting site, and they cut the connection as the
user attempted to upload files. Soon customers figured out the pattern and used
packet analyzers such as Wireshark to reveal the forged TCP RST packets. They
complained to authorities that Comcast had violated their user agreement. The
FCC investigated, upheld the customers’ claims, and ordered Comcast to stop
this practice. Comcast chose a different method of traffic shaping. It assigned
a lower priority to data from customers who generate a high volume of traffic
when the network is at risk of congestion. Several types of traffic
prioritization—that is, treating more-important traffic preferentially—exist.
Software running on a router, multilayer switch, gateway, server, or even a
client workstation can prioritize traffic according to any of the following
characteristics:
· Protocol
· IP address
· User group
· DiffServ (Differentiated Services) flag or TOS (type of service) field in an IP datagram
· VLAN tag in a Data Link layer frame
· Service or application
Depending on the traffic prioritization
software, different types of traffic might be assigned priority classes, such
as “high,” “normal,” “low,” or “slow”; alternatively, it can be rated on a
prioritization scale from 1 (lowest priority) to 7 (highest priority). For
example, traffic generated by time-sensitive VoIP applications might be
assigned high priority, while online gaming might be assigned low priority.
Traffic prioritization is needed most when the network is busiest. It ensures
that during peak usage times, the most important data get through quickly,
while less-important data waits. When network usage is low, however, prioritization
might have no noticeable effects.
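Added example (not from the book): a small simulation of two techniques from this section, limiting an interface's momentary throughput and sending higher-priority traffic first based on the DiffServ/TOS field. The token-bucket limiter, the DSCP-to-class mapping, the packet names, and the rates are assumptions chosen for illustration.

```python
from collections import deque

# Assumed mapping from DSCP code point (upper six bits of the IP TOS byte) to a
# priority class. 46 (EF) is commonly used for voice and 8 (CS1) for bulk data.
DSCP_CLASS = {46: "high", 0: "normal", 8: "low"}
CLASS_ORDER = ["high", "normal", "low"]

# Constructed arrivals: {tick: [(packet name, TOS byte, size in bytes), ...]}
BUSY = {
    0: [("bulk-1", 0x20, 1500), ("web-1", 0x00, 1000), ("voip-1", 0xB8, 200)],
    1: [("voip-2", 0xB8, 200)],
}
QUIET = {0: [("bulk-1", 0x20, 500)], 1: [("voip-1", 0xB8, 200)]}


def dscp_from_tos(tos_byte):
    """Extract the six-bit DSCP value from the eight-bit TOS/DiffServ byte."""
    return (tos_byte & 0xFF) >> 2


class ShapedInterface:
    """Outbound interface with a token-bucket rate limit and strict-priority queues."""

    def __init__(self, rate, burst, prioritize=True):
        self.rate = rate            # bytes of sending credit added per tick
        self.burst = burst          # most credit that can be saved up
        self.tokens = burst
        self.prioritize = prioritize
        self.queues = {c: deque() for c in CLASS_ORDER}

    def enqueue(self, name, tos_byte, size):
        """Queue a packet; refuse one that could never fit within the burst size."""
        if size > self.burst:
            return False
        cls = "normal"              # without prioritization everything shares one queue
        if self.prioritize:
            cls = DSCP_CLASS.get(dscp_from_tos(tos_byte), "normal")
        self.queues[cls].append((name, size))
        return True

    def tick(self):
        """Advance one time unit and return the names of the packets sent."""
        self.tokens = min(self.burst, self.tokens + self.rate)
        sent = []
        for cls in CLASS_ORDER:
            queue = self.queues[cls]
            while queue and queue[0][1] <= self.tokens:
                name, size = queue.popleft()
                self.tokens -= size
                sent.append(name)
            if queue:
                break   # a waiting packet blocks every lower class until it is sent
        return sent


def run(arrivals, rate, burst, ticks, prioritize=True):
    """Feed the arrivals through the interface; return {packet name: tick sent}."""
    iface = ShapedInterface(rate, burst, prioritize)
    sent_at = {}
    for t in range(ticks):
        for name, tos_byte, size in arrivals.get(t, []):
            iface.enqueue(name, tos_byte, size)
        for name in iface.tick():
            sent_at[name] = t
    return sent_at


if __name__ == "__main__":
    print("busy, prioritized:", run(BUSY, rate=1000, burst=1500, ticks=5))
    print("busy, first-come: ", run(BUSY, 1000, 1500, 5, prioritize=False))
    print("quiet, prioritized:", run(QUIET, 1000, 1500, 5))
    print("quiet, first-come: ", run(QUIET, 1000, 1500, 5, prioritize=False))
```

On the busy interface, prioritization sends both voice packets by tick 1 while the bulk transfer waits until tick 2; on the quiet interface the two modes give identical results.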
Caching
In addition to traffic shaping, a network or
host might use caching to improve performance.
Caching is the local storage of frequently
needed files that would otherwise be obtained from an external source. By
keeping files close to the requester, caching allows the user to access those
files quickly. As you’ll learn, it can also save money for ISPs. The most
common type of caching is Web caching, in which Web pages are stored locally, either
on a host or network, and then delivered to requesters. You might be familiar
with the term cache from browsing the Web on your computer. A locally stored
cache will keep copies of the Web pages you have viewed on your computer’s hard
drive. Later, when you want to view the page again, the browser will attempt to
retrieve the page from your cache if the page hasn’t changed since the last
time you viewed it. Local caching is highly customizable. You can choose the
size of your cache, the rules it uses to refresh its contents, and the conditions
under which it clears its contents. To an ISP, however, caching is much more
than just a convenience. It prevents a significant volume of WAN traffic, thus
improving performance and saving money. For example, if dozens of an ISP’s
subscribers read a popular news Web site each morning, the ISP can keep the
entire Web site on its cache engine, a network device devoted to storage and
delivery of frequently requested files. When the ISP’s network receives a
request for that Web site, the network examines the request and redirects it to
a cache engine. The cache engine searches its files for the news Web site. If
the cache engine doesn’t have a current copy of the Web site, it requests the
site from the news organization’s server. In that case, the cache engine
receives and stores the Web site for later delivery.
When another user subsequently requests the
same site, the network redirects the request to the cache engine, which
delivers the Web site without having to request it from the originating server.
The ISP need not spend any of its bandwidth to retrieve the site again until it
has changed.
Asset Management
Another key component in managing networks is
identifying and tracking its hardware and software through asset management.
The first step in asset management is to take an inventory of each node on the
network. This inventory should include the total number of components on the
network, and also each device’s configuration files, model number, serial
number, location on the network, and technical support contact. You will also
want to keep records of every piece of software purchased by your organization,
its version number, vendor, licensing, and technical support contact. The asset
management tool you choose depends on your organization’s needs. You might purchase
an application that can automatically discover all devices on the network and
then save that information in a database, or you might use a simple spreadsheet
to save the data. In either case, your asset management records should be
comprehensive and accessible to all personnel who may become involved in
maintaining or troubleshooting the network. In addition, ensure that the asset
management database is regularly updated, either manually or automatically, as
changes to network hardware and software occur. The information you retain is
useful only while it is current. Asset management simplifies maintaining and
upgrading the network chiefly because you know what the system includes. For
example, if you discover that a router purchased two years ago requires an
upgrade to its operating system software to fix a security flaw, you need to
know how many routers are installed, where they are installed, and whether any
have already received the software upgrade. An up-to-date asset management
system allows you to avoid searching through old invoices and troubleshooting
records to answer these questions. In addition, asset management provides network
administrators with information about the costs and benefits of certain types
of hardware or software. For example, if you conclude that 50% of your staff’s troubleshooting
time is spent on one flawed brand of NIC, an asset management system can reveal
how many NICs you would need to replace if you chose to replace those cards,
and whether it would make sense to replace the entire installed base. Some
asset management applications can even track the length of equipment leases and
alert network managers when leases will expire.
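The router question above (how many are installed, where they are, and which already have the fix) can be answered as a query over an inventory export. This is an added example, not from the book; the CSV columns, the RTR-2000 model, the version numbers, and the 180-day staleness limit are all assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample inventory: models, serial numbers and versions are made up.
INVENTORY_CSV = """\
type,model,serial,location,os_version,last_verified
router,RTR-2000,SN1001,HQ floor 1 closet,4.2.1,2024-05-02
router,RTR-2000,SN1002,HQ floor 2 closet,4.2.7,2024-05-02
router,RTR-2000,SN1003,Branch A,4.1.9,2023-01-15
router,RTR-2000,SN1004,Branch B,,2024-04-20
router,RTR-3100,SN2001,HQ data center,7.0.3,2024-05-02
switch,SW-48,SN3001,HQ floor 1 closet,2.0.0,2024-05-02
"""


def parse_version(text):
    """Turn '4.2.7' into (4, 2, 7); return None for blank or malformed values."""
    try:
        return tuple(int(part) for part in (text or "").strip().split("."))
    except ValueError:
        return None


def is_older(version, fixed):
    """Compare version tuples after padding, so (4, 2) equals (4, 2, 0)."""
    width = max(len(version), len(fixed))
    pad = lambda v: v + (0,) * (width - len(v))
    return pad(version) < pad(fixed)


def patch_exposure(inventory_csv, device_type, model, fixed_version,
                   today, max_age_days=180):
    """Sort matching devices into patched / needs_upgrade / unknown.

    A record lands in 'unknown' when its version is blank or unparsable, or
    when it was last verified more than max_age_days ago: the page's point
    that inventory data is useful only while it is current.
    """
    fixed = parse_version(fixed_version)
    if fixed is None:
        raise ValueError("fixed_version must look like 4.2.5")
    report = {"patched": [], "needs_upgrade": [], "unknown": []}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        if row["type"] != device_type or row["model"] != model:
            continue
        version = parse_version(row["os_version"])
        try:
            age = (today - date.fromisoformat(row["last_verified"])).days
        except (TypeError, ValueError):
            age = None
        if version is None or age is None or age > max_age_days:
            status = "unknown"        # verify on the device itself
        elif is_older(version, fixed):
            status = "needs_upgrade"
        else:
            status = "patched"
        report[status].append((row["serial"], row["location"]))
    return report


if __name__ == "__main__":
    result = patch_exposure(INVENTORY_CSV, "router", "RTR-2000", "4.2.5",
                            today=date(2024, 6, 1))
    for status, devices in result.items():
        print(f"{status}: {len(devices)}")
        for serial, location in devices:
            print(f"  {serial}  {location}")
```

Devices in the unknown group are the ones to check by hand before the inventory is trusted for patch planning.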
The term asset management originally referred
to an organization’s system for keeping tabs on every piece of equipment it
owned. This function was usually handled through the Accounting Department. Some
of the accounting-related tasks included under the original definition for
asset management, such as managing the depreciation on network equipment or
tracking the expiration of leases, apply to asset management in networking as
well.
Change Management
Network conditions are always in a state of
flux. Technology advances, vendors come and go, and users’ needs change.
Managing change while maintaining your network’s efficiency and availability
requires good planning. The following sections describe how to approach the
most common types of software and hardware changes, from installing patches to
replacing a network backbone.
Software Changes
If you have ever supported desktop computers
professionally or even maintained your own computer at home, you know that an
important part of keeping a system running optimally is upgrading its software.
The following sections describe best practices for applying patches, application
upgrades, and NOS upgrades.
Application Patches and Upgrades
A patch is a correction, improvement, or enhancement
to a software application. It differs from a revision or software upgrade in that
it changes only part of an application, leaving most of the code untouched.
Patches are often distributed at no charge by software vendors in an attempt to
fix a bug in their code or to add slightly more functionality. You’ll encounter
patches in all areas of routine networking maintenance. Among other things, network
maintenance sometimes entails patching the server’s operating system. For example,
if your server runs Windows Server 2008 R2, you might need to apply a patch to
close a security hole that allows remote users to hack into your server. Or you
might have to patch the software on your Cisco switch to fix a vulnerability
that makes it susceptible to denial-of-service attacks. A software upgrade is a
major change to a software package’s existing code. Vendors might or might not
offer upgrades for free. Also, the upgrade might or might not be comprehensive enough
to substitute for the original application. In general, application upgrades
are designed to add functionality and fix bugs in the previous version of the
client. For example, an upgrade to a newer version of Google Chrome might
incorporate features to protect you from Web sites that launch phishing
attempts. The scope and purpose of client upgrades vary widely, depending on
whether the upgrade is a redesign or simply a bug fix. An application upgrade
might be transparent to users, or it might completely change the appearance of
the application interface. Application upgrades typically overwrite some system
files on the workstation, so their installation may affect other applications
adversely. They might even prevent other applications from working as they did
in the past. Whereas patches are usually designed to correct a problem or
vulnerability, upgrades are usually designed to enhance the application’s
functionality. For this reason, an application upgrade may be more a matter of
convenience than necessity. Therefore, the time, cost, and effort involved in
application upgrades should be weighed against the necessity of performing operating
system or client upgrades. This consideration is especially important if a networking
professional’s time is limited (as it usually is).
Although the specifics vary for each type of
software change, the general steps involved can be summarized as follows:
1. Determine whether the patch or upgrade is
necessary.
2. Research the purpose of the change, its
compatibility with current hardware and software, and its potential effects on
other applications. If possible, install the software on
a test system to make sure it acts as
expected. Also determine whether and how the change can be reversed, in case
troubles arise.
3. Determine whether the change should apply
to some or all users. Also decide whether it will be distributed centrally or
machine by machine.
4. After choosing to implement the change,
notify system administrators, help desk personnel, and users. Schedule the
change for completion during off-hours (unless it is an emergency).
5. Back up the current system or software
before making any modifications.
6. If necessary, prevent users from accessing
the system or the part of the system being altered during the change.
7. Keep the software vendor’s patch or
upgrade instructions handy and follow them as you install the patch or
revision.
8. Implement the change.
9. Test the system fully after the change,
preferably exercising the software as a typical user would. Note any unintended
or unanticipated consequences of the modification.
10. If the change was successful, reenable
access to the system. If it was unsuccessful, revert to the previous version of
the software following the process for reversing a software upgrade described
later in this chapter.
11. Inform system administrators, help desk
personnel, and users when the change is complete. If you had to reverse it,
make this known and explain why.
12. Record your change in the change
management system.
NOS (Network Operating System) Upgrades
Perhaps the most critical type of software
upgrade you’ll perform is an upgrade to your NOS (network operating system). It
usually involves significant, potentially drastic, changes to the way your
servers and clients operate. As such, it requires plenty of forethought,
product research, and rigorous testing before you implement it. In fact, for
any network with more than a few users, you should create and follow a project
plan for this undertaking. This plan should include all of the precautions
typically associated with other software upgrades. In addition, you should
consider the following:
· How will the upgrade affect user IDs, groups, rights, and policies?
· How will the upgrade affect file, printer, and directory access on the server?
· How will the upgrade affect applications or client interactions on the server?
· How will the upgrade affect configuration files, protocols, and services
running on the server?
· How will the upgrade affect the server’s interaction with other devices on the
network?
· How accurately can you test the upgrade software in a simulated environment?
· How can you take advantage of the new operating system to make your system
more efficient?
· What is your technical support arrangement with the operating system’s
manufacturer if you need help in the midst of the upgrade?
· Have you allotted enough time to perform the upgrade? (For example, would it
be more appropriate to do it over a weekend rather than overnight?)
· During the upgrade, will old NOS files be saved, and can you reverse the
installation if troubles arise?
· Have you ensured that the users, help desk personnel, and system
administrators understand how the upgrade will affect their daily operations
and support burdens?
These are only some of the critical questions you
need to ask before embarking on an NOS upgrade. Your networking environment
might warrant additional considerations. For example, suppose you are the
network administrator for a company that is merging with a second company. Your
two companies might use dissimilar NOSs, and the IT director might ask you to
upgrade your NOS to match the other company’s version. In this situation, you would
not only have to consider the previous list of questions, but also a list of questions pertaining
to the other company’s operating system—for instance, how its NOS directories are
organized. By addressing these questions before you upgrade your own NOS, you ensure that
the merger of the two networks goes more smoothly. An NOS upgrade is a complex
and far-reaching change. It should not be undertaken with severe budgetary,
resource, or time constraints. The following steps demonstrate how careful planning
and a methodical process can help you accomplish an NOS upgrade. (Depending on
your situation, the order and complexity of the steps could vary.)
1. Research—Gather
information about the NOS from the manufacturer and from other sources,
including online user groups, reputable journals, and other networking
professionals. Evaluate the costs involved in upgrading. Also list the benefits
and risks involved in embarking on this NOS upgrade.
2. Project plan—Before
you have committed significant time and money to the project, devise a project
plan. This plan should include the steps to follow, task assignments for staff,
and a rough budget and timeline. Even if you decide not to upgrade the NOS
after all, you must commit resources to proposing and evaluating the option.
3. Proposal—Write a
proposal to evaluate the product, including a plan to purchase and implement it
if the proposal is accepted. A proposal should include the following elements:
· Questions to answer during evaluation, such as “Will the NOS work with my
current network monitoring software?”
· Names of personnel who will assist with evaluation and final approval
· A rough timeline and plan for implementing the change if it is approved
· A rough project plan for implementing the change if it is approved
· Cost considerations
· A review of the short- and long-term benefits and risks of the upgrade
· A recommendation for or against performing the upgrade
· A plan for purchasing the software and implementing the change
4. Evaluation—Assuming
that the proposal indicates that you should proceed with an upgrade and that
your superiors approve your recommendation, you are ready to begin the
evaluation phase. First order an evaluation copy of the NOS. Then install the
software on an unused server whose hardware is similar to the hardware of your production
servers (making sure that the test server meets the NOS manufacturer’s recommended
hardware requirements). On the test system, create several mock user IDs and
groups with varying privileges to simulate the real network environment. Also
install the applications and services that the server will support if it goes
into production.
5. Testing—Next,
as part of your evaluation, distribute updated client software to a team of
technical staff and project stakeholders and ask them to use the mock IDs and
groups to test the system. Over a given time period, they can test the system
and keep notes on how the system meets the requirements specified in your
proposal. The test team should pay particular attention to the new user
interface for clients, the way in which your company’s applications operate, the
system’s response time, and any new features provided by the upgrade. Meet
regularly with the team during the evaluation period to discuss and compare experiences.
6. Training—If the
results of the initial stages of evaluation lead you to decide to purchase the
upgrade, make sure you and other networking staff are trained on how to work with
the new NOS. Schedule training to take place only weeks before the anticipated implementation
date so that your new skills are fresh when you begin the conversion.
7. Preimplementation—Before
implementing the change, expand on the rough project plan for the upgrade.
Ensure that your plan for transferring user accounts, groups, and their rights
to the new system is sound. Decide how you want to reorganize the NOS
directory, if necessary, and what types of volumes to create. In addition,
review the existing servers to determine which applications, files, and
directories should be transferred and which can be archived.
Weeks before upgrading, inform users, help
desk personnel, and other networking staff of the timeline and explain what
changes to expect. Recommend that users clean up their data directories on the
server and discard any unnecessary files. Similarly, ask networking staff to
remove any nonessential applications or services they have installed on the
server. If necessary, arrange to upgrade the client software on all
workstations that will be affected by the operating system upgrade. A few days
before the upgrade, issue a final warning to staff specifying when and for how
long the server will be down to accomplish the upgrade.
8. Implementation—Perform
the upgrade when few or no users will be on the network. Before beginning the
upgrade, gather the software documentation and your project plan, along with
the new NOS files and a bootable disk for the server. Just before taking the
system down, broadcast a final warning to alert all users on the network that
the server is going down soon. Then disable all logons to the network. Next,
back up the entire server’s hard disk. When the backup is complete, use your
backup software to verify that critical files were successfully copied.
Finally, perform the upgrade according to the manufacturer’s instructions and
your network’s specifications.
9. Postimplementation—Test
functions and applications on the upgraded server to verify the success of your
upgrade. After you are satisfied that the upgrade is successful, reenable
logons to the network and inform staff that the system is running again. Later,
you can review the upgrade process with other networking staff to find out
whether you learned any lessons that could make future server upgrades more
efficient and less troublesome. Work with the help desk personnel to understand
the kinds of support calls generated by the upgrade. Also continue testing the
new operating system, fine-tuning when necessary, to fix problems or find
errors before they become problems for users.
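Step 8 says to verify that critical files were successfully copied before the upgrade begins. One independent way to make that check is to hash both copies and compare them. This is an added example, not from the book; the directory layout and file contents are constructed, and it assumes logons are already disabled so the source is not changing.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=1024 * 1024):
    """Hash a file in chunks so large volumes do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        path.relative_to(root).as_posix(): sha256_file(path)
        for path in sorted(root.rglob("*"))
        if path.is_file()
    }


def verify_backup(source_root, backup_root, critical=None):
    """Compare a backup against its source.

    critical is an optional list of relative paths that must be present;
    by default every file under source_root is checked.
    """
    source = build_manifest(source_root)
    backup = build_manifest(backup_root)
    names = set(source) if critical is None else set(critical)
    result = {"ok": [], "missing": [], "mismatch": [], "not_in_source": []}
    for name in sorted(names):
        if name not in source:
            result["not_in_source"].append(name)   # typo in the critical list?
        elif name not in backup:
            result["missing"].append(name)         # never copied
        elif source[name] != backup[name]:
            result["mismatch"].append(name)        # truncated or altered copy
        else:
            result["ok"].append(name)
    return result


def safe_to_proceed(result):
    """The upgrade may start only if nothing is missing or different."""
    return not (result["missing"] or result["mismatch"]
                or result["not_in_source"])


def demo():
    """Build a constructed server tree and a deliberately flawed backup."""
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = Path(tmp, "server"), Path(tmp, "backup")
        (src / "etc").mkdir(parents=True)
        (bak / "etc").mkdir(parents=True)
        (src / "etc/users.db").write_bytes(b"alice:admin\nbob:staff\n")
        (src / "etc/shares.conf").write_bytes(b"[payroll]\npath=/data/payroll\n")
        (src / "etc/print.conf").write_bytes(b"queue=floor2\n")
        (bak / "etc/users.db").write_bytes(b"alice:admin\nbob:staff\n")
        (bak / "etc/shares.conf").write_bytes(b"[payroll]\n")   # truncated copy
        # etc/print.conf is intentionally absent from the backup
        return verify_backup(src, bak)


if __name__ == "__main__":
    outcome = demo()
    for status, names in outcome.items():
        print(status, names)
    print("safe to proceed:", safe_to_proceed(outcome))
```

A clean result here shows only that the copy matches the source. Whether the backup can be restored, which backleveling depends on, still has to be tested separately.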
Reversing a Software Upgrade
If the software upgrade you perform creates
problems in your existing system, you should be prepared to reverse the
process. The process of reverting to a previous version of software after
attempting to upgrade it is known as backleveling. Most network professionals
have been forced to backlevel at some point in their careers. The steps that
constitute this process differ, depending on the complexity of the upgrade and
the network environment involved. Although no hard-and-fast rules for
backleveling exist, Table 15-1 summarizes some basic suggestions. Bear in mind
that you must always refer to the software vendor’s documentation to reverse an
upgrade. If you must backlevel a network operating system upgrade, you should
also consult with experienced professionals about the best approach for your
network environment.
Table 15-1 Reversing a software upgrade
Type of upgrade | Options for reversing
Operating system patch | Use the patch’s automatic uninstall utility.
Client software upgrade | Use the upgrade’s automatic uninstall utility, or reinstall the previous version of the client on top of the upgrade.
Shared application upgrade | Use the application’s automatic uninstall utility, or maintain a complete copy of the previous installation of the application and reinstall it over the upgrade.
Operating system upgrade | Prior to the upgrade, make a complete backup of the system; to backlevel, restore the entire system from the backup; uninstall an operating system upgrade only as a last resort.
Hardware and Physical Plant Changes
Hardware and physical plant changes might be
required when a network component fails or malfunctions, but more often they
are performed as part of an upgrade to increase capacity, improve performance,
or add functionality to the network. In this section, you will learn about the
simplest and most popular form of hardware change—adding more of what you already
use, such as adding four more switches to the backbone or adding 10 new networked
printers. You’ll also learn about more complex hardware changes, such as
replacing the entire network backbone with a more robust system. Many of the
same issues apply to hardware changes as apply to software changes. In particular,
proper planning is the key to a successful upgrade. When considering a change
to your network hardware, use the following steps as a guide:
1. Determine whether the change is necessary.
2. Research the upgrade’s potential effects on other devices, functions, and
users.
3. If you decide to implement the change, notify system administrators, help desk
personnel, and users, and schedule it during off-hours (unless it is an
emergency).
4. If possible, back up the current hardware’s configuration. Ideally, you would have
stored this information in a configuration management program. If that isn’t the
case, or if you want to be certain you have the most current information, you
should collect it now. Most routers, switches, and servers have a configuration
that you can easily copy to a disk.
5. Prevent users from accessing the system or the part of the system that you are
changing.
6. Keep the installation instructions and hardware documentation handy.
7. Implement the change.
8. Test the hardware fully after the change, preferably putting a higher load on the
device than it would incur during normal use in your organization. Note any
unintended or unanticipated consequences of the change.
9. If the change was successful, reenable access to the device. If it was
unsuccessful, isolate the device or reinsert the old device, if possible.
10. Inform system administrators, help desk personnel, and users when the change is
complete. If it was not successful, make that known and explain why.
11. Record your change in the change management system.
Adding or Upgrading Equipment
The difficulty involved in adding or
upgrading hardware on your network depends largely on whether you have used the
hardware in the past. For instance, if your organization always uses Cisco
switches, adding one more Cisco switch to your second-floor telecommunications
closet might take only a few minutes and cause absolutely no disruption of
service to your users. On the other hand, even if your company uses Cisco
switches, adding a Cisco VPN router to your network might be an entirely new
experience. Therefore, take time to research, evaluate, and test any unfamiliar
piece of equipment that you intend to add or upgrade on your network, even if
it is manufactured by a vendor that supplies much of your other hardware. With
the rapid changes in the hardware industry, you might not be able to purchase
identical hardware even from one quarter to the next. If consistency is a
concern—for example, if your technical staff is familiar with only one brand
and model of network printer, and you do not have the time or money to retrain
personnel—you would be wise to purchase as much hardware as possible in a
single order. If this approach is not feasible, purchase equipment from vendors
with familiar products and solid reputations. Each type of device that you add
or upgrade on the network will have different preparation and implementation
requirements. Knowing exactly how to handle the changes requires not only a
close reading of the manufacturer’s instructions, but also some experience with
the type of networking equipment at hand.
The following list provides a very general
overview of how you might approach adding or upgrading devices on the network,
from the least disruptive to the most complex types of equipment. The devices
at the bottom of the list are not only the most disruptive and complex to add
or upgrade, but also the most difficult to remove or backlevel.
Networked workstation—A
networked workstation is perhaps the simplest device to add. It directly
affects only a few users, and does not alter network access for anyone else. If
your organization has a standard networked workstation configuration (for
example, a disk image, or a compressed snapshot of the workstation’s contents, on
the server), adding a networked workstation will be a quick operation as well. You
can successfully add a networked workstation without notifying users or support
staff and without worrying about downtime.
Networked printer—A
networked printer is easy to add to your network, too. Adding this equipment
might be more complex than adding a workstation, however, because of its unique
configuration process and because it is shared. Although it affects multiple
users, a networked printer does not typically perform a mission-critical function
in an organization, so the length of time required to install one does not usually
affect productivity. Thus, although you should notify the affected users of a networked
printer addition, you do not need to notify all users and support staff. Likewise,
you do not need to restrict access to the network or worry about downtime in
this instance.
Workgroup switch or access point—A single workgroup switch or access point might service
as few as one or as many as 64 users. You do not have to worry about downtime
or notifying users when adding a new workgroup switch or access point because
it cannot affect anyone until it is actually in use. However, if you are upgrading
or swapping out an existing workgroup switch or access point during working
hours, you must notify the affected users because the upgrade or swap will
create downtime, if only a few seconds. In addition, consider the traffic and addressing
implications of adding or upgrading a workgroup switch or access point. For
example, if you need to expand the capacity of a TCP/IP-based network segment from
24 users to 60 users, you can easily enough swap your 24-port switch with a 64-port
switch. But before doing so, make sure that the segment has been allotted enough
free IP addresses to service 60 users; otherwise, these users will not be able to
access the network.
Server—A server addition
or upgrade can be tricky. Typically, this type of change (unless it is the
replacement of a minor component) requires a great deal of foresight and
planning. Before installing a new server, you need to consider the hardware and
connectivity implications of the change, as well as issues relating to the NOS.
Even if you are adding a server that will not be used immediately, you still
need to plan for its installation. It’s preferable to add the server while
network traffic is low or nonexistent. Also, restrict access to the new server;
otherwise, one of your users could find the server while browsing the network
and try to save files to it or run an application from it. Upgrading the
hardware (such as a NIC or memory) on an existing server may require nearly as
much planning as adding an entirely new server. Schedule upgrades to an existing
server for off-hours, so that you can shut down the server without inconveniencing
any users who rely on it.
Backbone switches and routers—Changing or adding backbone switches or routers to a
network design can be complicated for several reasons. First, this type of change
can be physically disruptive—for example, it might require the installation of
new racks or other support frames in your telecommunications room. Second, backbone
switches and routers usually affect many users—and might affect all users—on
the network.
For instance, if you must replace the
Internet gateway for your organization’s headquarters, you will cut every
user’s access to the Internet in the process (unless you have redundant gateways,
which are the optimal setup if you rely on the Internet for mission-critical
services). You should notify all users on the network about the impending change,
even if you don’t think they will be affected, because a backbone router or
switch might affect segments of the network other than the one it services. In
addition, you should plan at least weeks in advance for switch or router
changes and expect at least several hours of downtime. Because enterprise
switches and routers are expensive, take extraordinary care when handling and
configuring this type of equipment. Also, because switches and routers serve
different purposes, rely on the manufacturer’s documentation to guide you
through the installation process.
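The workgroup switch item above warns that swapping a 24-port switch for a 64-port one does not help unless the segment has enough free IP addresses for 60 users. That check can be scripted before the swap. This is an added example, not from the book; the 192.0.2.0 documentation addresses, the three reserved infrastructure addresses, and the DHCP pool ranges are assumptions.

```python
import ipaddress


def smallest_prefix_for(hosts_needed):
    """Longest IPv4 prefix whose subnet has at least hosts_needed usable hosts."""
    for prefix in range(30, 0, -1):
        if 2 ** (32 - prefix) - 2 >= hosts_needed:
            return prefix
    raise ValueError("too many hosts for a single IPv4 subnet")


def segment_capacity(cidr, reserved, users_needed, dhcp_pool=None):
    """Check whether a segment can address users_needed user devices.

    reserved  - addresses held by non-user devices (gateway, switch
                management, printers) that users can never be given
    dhcp_pool - optional (first, last) range; when given, only addresses
                inside it count as assignable to users
    """
    net = ipaddress.ip_network(cidr)      # raises if host bits are set
    if net.version != 4 or net.prefixlen > 30:
        raise ValueError("expects an IPv4 subnet of /30 or larger")
    edges = (net.network_address, net.broadcast_address)

    def host(addr):
        ip = ipaddress.ip_address(addr)
        if ip not in net or ip in edges:
            raise ValueError(f"{addr} is not a usable host in {net}")
        return ip

    reserved_ips = {host(a) for a in reserved}
    usable = net.num_addresses - 2        # minus network and broadcast
    if dhcp_pool is None:
        assignable = usable - len(reserved_ips)
    else:
        first, last = host(dhcp_pool[0]), host(dhcp_pool[1])
        if first > last:
            raise ValueError("DHCP pool start is after its end")
        in_pool = sum(1 for ip in reserved_ips if first <= ip <= last)
        assignable = int(last) - int(first) + 1 - in_pool
    return {
        "usable_hosts": usable,
        "assignable": assignable,
        "shortfall": max(0, users_needed - assignable),
        "fits": assignable >= users_needed,
        # Prefix that would hold every user plus the reserved devices.
        "suggested_prefix": smallest_prefix_for(users_needed + len(reserved_ips)),
    }


if __name__ == "__main__":
    infra = ["192.0.2.1", "192.0.2.2", "192.0.2.3"]   # gateway, switch, printer
    # A /26 has 62 usable hosts: enough for 24 users, one short for 60.
    print(segment_capacity("192.0.2.0/26", infra, 24))
    print(segment_capacity("192.0.2.0/26", infra, 60))
    # A larger subnet still fails if the DHCP scope was never widened.
    print(segment_capacity("192.0.2.0/25", infra, 60,
                           dhcp_pool=("192.0.2.10", "192.0.2.50")))
```

The second case is easy to miss: 64 ports on a 64-address subnet looks like a match, but network, broadcast, and infrastructure addresses leave only 59 for users.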
Bear in mind that adding a new processor to a server, a new NIC to a router, or
more memory to a printer may affect your service or warranty agreement with the
manufacturer. Before purchasing any components to add or replace in your network
devices, check your agreement for stipulations that might apply. You may be
allowed to add only components made by the same manufacturer, or risk losing
all support from that manufacturer.
Above all, keep safety in mind when you
upgrade or install hardware on a network. Never tinker with the inside of a
device that is turned on. Make sure that all cords and devices are stowed
safely out of the way and cannot cause trips or falls. Avoid wearing jewelry,
scarves, or very loose clothing when you work on equipment; if you have long
hair, tie it back. Not only will you prevent injury this way, but you will also
be less distracted. By removing metal jewelry, you could prevent damage to the
equipment caused by a short if the metal touches a circuit. If the equipment is
heavy (such as a large switch or server), do not try to lift it by yourself.
Finally, to protect the equipment from damage, follow the manufacturer’s
temperature, ventilation, antistatic, and moisture guidelines.
Cabling Upgrades
Cabling upgrades, unless they involve the
replacement of a single faulty patch cable, can require significant planning
and time to implement, depending on the size of your network. Bear in mind that
troubleshooting cabling problems can be made easier by maintaining current,
accurate wiring schematics. If the network’s cable layout is undocumented and
poorly planned, particularly if it was installed years before and survived intact
despite building changes and network growth, cabling changes will be more
difficult. The best way to ensure that future upgrades go smoothly is to
carefully document the existing cable before making any upgrades. If this
assessment is not possible, you might have to compile your documentation as you
upgrade the existing cabling. Because a change of this magnitude affects all
users on the network, consider upgrading the network cabling in phases. For
example, schedule an upgrade of the first-floor east wing of your building one
weekend, then the first-floor west wing of your building the next, and so on.
Weigh the importance of the upgrade against its potential for disruption. For
example, if the Payroll Department is processing end-of-month checks and having
no difficulties other than somewhat slow response time, it is not critical to
take away its access to install Cat 6a wiring. On the other hand, if the
building maintenance staff needs a 1-Gbps connection to run a new HVAC control
system, you will probably make it a priority to take down this access
temporarily and replace the wiring. In this case, not only must you replace the
wiring, but you might also need to replace switches and NICs. For the most
part, organizations that run very small networks are able to upgrade or install
their own network cabling.
Many other organizations rely on contractors
who specialize in this service. Nevertheless, as a networking professional you
should know how to run a cable across a room, either under a raised floor or
through a ceiling plenum, in order to connect a device to the network.
Backbone Upgrades
The most comprehensive and complex upgrade
involving network hardware is a backbone upgrade. Recall that the network
backbone is the main conduit for data on LANs and WANs, connecting major
routers, servers, and switches. A backbone upgrade requires not only a great
deal of planning, but also the efforts of several personnel (and possibly
contractors) and a significant investment. You may upgrade parts of the backbone—a
NIC in a router or a section of cabling, for example—at any time, but upgrading
the entire backbone changes the whole network. Examples of backbone upgrades
include migrating from token ring to Ethernet, migrating from a slower
technology to a faster one, and replacing routers with switches (to make use of
VLANs, for example). Such upgrades may satisfy a variety of needs: a need for
faster throughput, a physical move or renovation, a more reliable network,
greater security, more consistent standards, support of a new application, or
greater cost-effectiveness. For example, the need for faster throughput may
prompt an upgrade from an older Ethernet technology to Gigabit Ethernet.
Likewise, the need to support videoconferencing may require a backbone upgrade
from Cat 5 to fiber-optic cable. Because backbone upgrades are expensive and
time consuming, the first step in approaching such a project is to justify it.
Will the benefits outweigh the costs? Can the upgrade wait a year or more? If
so, you might be wise to wait and find out whether a cheaper or better technical
solution becomes available later. Don’t plan to wait until the technology
“settles down” because networking progress never stands still. On the other
hand, do wait to implement brand-new technology until you can find out how it
has worked on other networks similar to your own or until the manufacturer
eliminates most of the bugs. The second step is to determine which kind of
backbone design to implement. To make this decision, you must analyze the
future capacity needs of your network, decide whether you want a distributed or
collapsed backbone, determine whether you want to rely on switches or routers,
decide whether to use subnetting and to what extent, and so on. Although some of
these predictions will be guesswork, you can minimize the variables by
examining the history of your organization’s growth and needs. After designing
your backbone upgrade, develop a project plan to accomplish the upgrade. Given
that you don’t upgrade your backbone every day, you might want to contract this
work to a firm that specializes in network design and upgrades. In that case,
you will draft an RFP (request for proposal) to specify what that contractor
should do. Regardless of whether you employ specialists, your project plan
should include a logical process for upgrading the backbone one section at a
time (if possible). Because this process causes network outages, determine how
best to proceed based on users’ needs. Choose a time when usage is low, such as
over a holiday, to perform your upgrade.
Reversing Hardware Changes
As with software changes, you should provide
a way to reverse the hardware upgrade and reinstall the old hardware if
necessary. If you are replacing a faulty component or device, this restoration,
of course, is not possible. If you are upgrading a component in a device, on
the other hand, keep the old component safe (for example, keep NICs in
static-resistant containers) and nearby. Not only might you need to put it back
in the device, but you might also need to refer to it for information. Even if
the device seems to be operating well with the new component, keep the old
component for a while, especially if it is the only one of its kind at your
organization.
Chapter Summary
■ Network management involves assessing,
monitoring, and maintaining network devices and connections.
■ Documenting all aspects of your network
promises to save work in the future. Information to track includes, but is not
limited to, physical topology, access method, protocols, devices, operating
systems, applications, and configurations.
■ Configuration management refers to the
collection of information related to the versions of software installed on
every network device and every device’s hardware configuration.
■ Network diagrams illustrate a network’s physical
or logical topology. A wiring schematic is a graphical representation of a
network’s wired infrastructure. Both are helpful for assessing a network’s
status and planning for its expansion.
■ Baselining includes keeping a history of
network performance and provides the basis for determining what types of
changes might improve the network. It also allows for later evaluating how
successful the improvements were.
■ Policies, procedures, and regulations are
important elements of sound network management. Elsewhere in this book, you
have learned about media installation and management best practices, network
addressing policies, resource sharing and naming conventions, security-related
policies, troubleshooting procedures, and backup and disaster recovery
procedures.
■ CALEA (Communications Assistance for Law
Enforcement Act) is a federal regulation that requires telecommunications
carriers and equipment manufacturers to provide for surveillance capabilities.
HIPAA (Health Insurance Portability and Accountability Act) addresses, among
other things, the security and privacy of medical records, including those
stored or transmitted electronically. These are just two laws that, depending
on where you work, might affect your responsibilities as a network professional.
■ Assessing a network’s status on an ongoing
basis includes performance management, or monitoring how well links and devices
are keeping up with the demands placed on them, and fault management, or the
detection and signaling of device, link, or component faults.
■ Network management applications typically
use SNMP (Simple Network Management Protocol) to communicate with agents
running on managed devices. Agents can report information on a device’s
components or status (such as utilization or performance).
■ The most recent version of SNMP is SNMPv3,
which applies authentication, validation, and encryption to packets exchanged
between managed devices and the network management console. SNMPv2, which is
less secure, is also widely used.
■ System logs and event logs keep a record of
conditions reported by operating systems and applications. On a Windows-based
computer, the Event Viewer allows you to review the computer’s event log. UNIX
and Linux systems run syslog, a standard for generating and collecting event
information that stores messages in a system log. To find out where your
computer’s system log is kept, view the /etc/syslog.conf file.
■ Traffic shaping helps ensure acceptable
overall network performance by limiting the throughput or volume of traffic
that may traverse certain network interfaces or by assigning variable priority
levels to different types of traffic.
■ Caching stores files locally that would
otherwise be obtained from a remote source, such as a Web server across the
country. An ISP uses cache engines on its network to store frequently accessed
content and deliver it directly to requesters. In this way, the ISP improves
response time and reduces WAN traffic and costs.
■ An asset management system includes an
inventory of the total number of components on the network as well as each
device’s configuration files, model number, serial number, location on the
network, and technical support contact. In addition, it records every piece of
software purchased by your organization, its version number, vendor, and
technical support contact.
■ A patch is an enhancement or improvement to
a part of a software application, often distributed at no charge by software
vendors to fix a bug, address a vulnerability, or add slightly more
functionality.
■ An application upgrade consists of
modifications to all or part of an application that are designed to enhance
functionality or fix problems with the software.
■ Perhaps the most critical type of software
upgrade you’ll perform is an upgrade to your network operating system. This
type of upgrade usually involves significant, potentially drastic, changes to
the operation of your servers and clients. As such, it requires plenty of
forethought, product research, and rigorous testing before you implement it. In
fact, for any network with more than a few users, you should create and follow
a project plan for this undertaking.
■ Plan for the possibility that a software
upgrade might harm your existing system, and be prepared to reverse the
process. The restoration of a previous version of software after an attempted
upgrade is known as backleveling.
■ Hardware and physical plant changes might
be required when your network has problems. More often, however, they are
performed as part of a move to increase capacity, improve performance, or add
functionality to the network.
■ Research, evaluate, and test any unfamiliar
piece of equipment you intend to add or upgrade on your network, even if it is
manufactured by a vendor that supplies much of your other hardware. The process
of implementing a hardware upgrade is very similar to that of carrying out a
software upgrade, including notifying users and preparing to bring the system
down during the change.
■ Cabling upgrades are simpler and less
error-prone if a network’s cable plant is well documented. Also make sure to
document new cable infrastructure after making changes. When embarking on a
major cabling upgrade, such as a backbone replacement, it is advisable to
upgrade the infrastructure in phases.
■ The most comprehensive and complex upgrade
involving network hardware is a backbone upgrade. The network backbone serves
as the main conduit for data on LANs and WANs, connecting major routers,
servers, and/or switches. A backbone upgrade not only requires a great deal of
time to plan, but also the efforts of several staff members (and possibly
contractors) and a significant investment.
■ Allow for a way to reverse a hardware
upgrade and replace it with the old hardware. If you are upgrading a component
in a device, keep the old component safe and nearby. Not only might you need to
put it back in the device, but you might also need to refer to it for
information.
Key Terms
■ agent - A software routine that collects data about a managed
device’s operation and provides it to the network management application
running on the console.
■ backleveling - The process of reverting to a previous version of a
software application after attempting to upgrade it.
■ cache engine - A network device devoted to storage and delivery of
frequently requested files.
■ caching - The local storage of frequently needed files that would
otherwise be obtained from an external source.
■ CALEA (Communications Assistance for Law Enforcement Act) - A United States
federal regulation that requires telecommunications carriers and equipment
manufacturers to provide for surveillance capabilities. CALEA was passed by
Congress in 1994 after pressure from the FBI, which worried that networks
relying solely on digital communications would circumvent traditional
wiretapping strategies.
■ Communications Assistance for Law Enforcement Act - See CALEA.
■ configuration management - The collection, storage, and assessment of
information related to the versions of software installed on every network
device and every device’s hardware configuration.
■ event log - The service on Windows-based operating systems that
records events, or the ongoing record of such events.
■ Event Viewer - A GUI application that allows users to easily view and sort
events recorded in the event log on a computer running a Windows-based
operating system.
■ fault management - The detection and signaling of device, link, or
component faults.
■ Health Insurance Portability and Accountability Act - See HIPAA.
■ HIPAA (Health Insurance Portability and Accountability Act) - A federal
regulation in the United States, enacted in 1996. One aspect of this
regulation addresses the security and privacy of medical records, including
those stored or transmitted electronically.
■ Management Information Base - See MIB.
■ MIB (Management Information Base) - A database used in network management
that contains a device’s definitions of managed objects and their data.
■ network diagram - A graphical representation of a network’s devices and
connections.
■ network management - The assessment, monitoring, and maintenance of the
devices and connections on a network.
■ patch - A correction, improvement, or enhancement to part of a
software application, often distributed at no charge by software vendors to fix
a bug in their code or to add slightly more functionality.
■ performance management - The ongoing assessment of how well network links,
devices, and components keep up with demands on them.
■ polling - A network management application’s regular collection of
data from managed devices.
■ Simple Network Management Protocol - See SNMP.
■ Simple Network Management Protocol version 1 - See SNMPv1.
■ Simple Network Management Protocol version 2 - See SNMPv2.
■ Simple Network Management Protocol version 3 - See SNMPv3.
■ SNMP (Simple Network Management Protocol) - An Application layer protocol in
the TCP/IP suite used to convey data regarding the status of managed devices
on a network.
■ SNMPv1 (Simple Network Management Protocol version 1) - The original version
of SNMP, released in 1988. Because of its limited features, it is rarely used
on modern networks.
■ SNMPv2 (Simple Network Management Protocol version 2) - The second version of
SNMP, which improved on SNMPv1 with faster performance and slightly better
security, among other features.
■ SNMPv3 (Simple Network Management Protocol version 3) - A version of SNMP
similar to SNMPv2, but with authentication, validation, and encryption for
packets exchanged between managed devices and the network management console.
SNMPv3 is the most secure version of the protocol.
■ syslog - A standard for generating, storing, and processing
messages about events on a system. Syslog describes methods for detecting and
reporting events and specifies the format and contents of messages.
■ system log - On a computer running a UNIX or Linux operating system,
the record of monitored events, which can range in priority from 0 to 7 (where
“0” indicates an emergency situation and “7” simply points to information that
might help in debugging a problem). You can view and modify system log
locations and configurations in the /etc/syslog.conf file on most systems (on
some systems this is the /etc/rsyslog.conf file).
■ traffic policing - A traffic-shaping technique in which the volume or rate of
traffic traversing an interface is limited to a predefined maximum.
■ traffic shaping - Manipulating certain characteristics of packets, data
streams, or connections to manage the type and amount of traffic traversing a
network or interface at any moment.
■ upgrade - A significant change to an application’s existing code,
typically designed to improve functionality or add new features.
■ Web caching - A technique in which Web pages are stored locally, either on a
host or network, and then delivered to requesters more quickly than if they had
been obtained from the original source.
■ wiring schematic - A graphical representation of a network’s wired
infrastructure.
Review Questions
1. Which of the following practices creates a starting point for ongoing
evaluation of our network's health?
a. Configuration management
b. Asset management
c. Fault management
d. Baselining
2. Suppose you learned that half of the patch cables that connect a workgroup of
computers in the Accounting Department to a patch panel needed to be replaced
due to concerns about faulty manufacturing. Which of the following types of
documentation would help you identify these patch cables?
a. Event log
b. Baseline
c. Wiring schematic
d. Syslog
3. You work for a medical transcription company that contracts with hundreds of
home-based transcriptionists across the country. The transcriptionists connect
to your network over a VPN that provides remote access services. Employees work
at all times of the day or night, and not all of the transcriptionists are
connected at the same time. Further, the number of transcriptionists the company
hires at any time depends on a variable workload. You need to determine whether
to increase the number of licenses on your remote access server. Which of the
following variables would you configure your network monitoring application to
track over time to help you find your answer?
a. % utilization on the VPN router's CPU
b. Maximum traffic handled by the VPN router's NIC
c. Number of users connected to the remote access server
d. % utilization on the remote access server's CPU
4. You have researched a new type of switch and proved that upgrading your
switches to this model is feasible. What is the next step you take before
replacing your old switches?
a. Evaluate the new switch on a pilot network that mimics your network
environment.
b. Inform users that a major network change is pending.
c. Back up the configurations of your existing switches.
d. Schedule a time for the switch upgrade that's least disruptive to users.
5. You suspect that one of your network's two redundant core switches has a NIC
or cable that's experiencing transmission problems. Supposing you never obtained
a baseline for traffic on this switch, which of the following measurements would
help you verify your suspicion?
a. % processor utilization on the affected switch over a week
b. Total bits per second traveling through the affected switch, compared to
total bits per second traveling through the redundant switch
c. % RAM utilization on the affected switch over a week
d. Average daily traffic on the affected switch
6. Which of the following protocols is commonly used for communication between
network management agents and applications?
a. IMAP
b. SMTP
c. NTP
d. SNMP
7. Which of the following applications would allow you to determine how many
times in the past seven days your Windows 7 workstation has been unable to renew
its DHCP-assigned IP address?
a. Event Viewer
b. DHCP logger
c. Syslog
d. TCP/IP Properties
8. On your Linux server, what file tells you where your system log file is kept?
a. /var/log/logs.conf
b. /etc/syslog.conf
c. /etc/usr/logs.conf
d. /var/syslog.conf
9. Which of the following techniques could be used to prevent clients from
downloading more than 50 GB of data per day through a given network interface?
a. Caching
b. Load balancing
c. Traffic policing
d. Clustering
10. You have decided to use an application that will send a text message to your
smartphone every time one of your network’s core routers or switches experiences
an event that the system considers an emergency. All switches and routers run
Cisco IOS. The application will alert you about events identified with which of
the following severity levels?
a. 0
b. 1
c. 5
d. 7
11. Suppose you work for a financial institution that wants to make sure its
clients can log on and review their accounts no matter how much traffic your WAN
is experiencing. On your edge router, which of the following criteria will you
use to prioritize traffic for all HTTPS requests?
a. Protocol
b. Source IP address
c. Source MAC address
d. Time of day
12. An asset management database should include which of the following? (Choose
all that apply.)
a. Serial number for every server on the network
b. User names for every employee who uses the network
c. Model number for every router, switch, and access point on the network
d. Baseline of average daily traffic for each router, switch, and access point
on the network
e. Milestones for the network's implementation
13. The routine that collects management information on a device is also known
as:
a. An agent
b. A poll
c. A managed device
d. A MIB
14. How does an application patch differ from an upgrade?
a. A patch is more comprehensive than an upgrade.
b. A patch is designed to make minor corrections or enhancements, whereas an
upgrade replaces most, if not all, of the software code.
c. A patch is offered by a third-party software vendor, whereas an upgrade is
supplied by the software manufacturer itself.
d. A patch can be automatically distributed to clients over the network, whereas
an upgrade requires a manual installation.
15. Under what circumstances should a network administrator inform users of a
software change?
a. Always
b. When the change might affect applications or utilities on which the users
rely
c. When the change might result in additional network traffic
d. When the change might affect how users are added to the system
16. Which of the following systems would store information about the VTP
settings for a switch’s interface?
a. Change management
b. Event log
c. Configuration management
d. Asset management
17. Which of the following is the best way to reverse a network operating system
upgrade?
a. Reinstall the previous version of the operating system.
b. Uninstall the upgrade.
c. Remove the upgrade software folder from the server.
d. Restore the server's software and configuration from a backup.
18. Which of the following require(s) authentication between an agent and
network management console?
a. SNMPv1
b. SNMPv2
c. SNMPv3
d. All of the above
19. Which of the following pieces of information must you collect when
establishing a baseline for the performance of a WAN link?
a. Last time the link failed
b. Average daily traffic traveling over the link
c. Users' perceptions of the link's speed
d. Distribution of traffic types by Network layer protocol
20. Maintaining records of each time a switch interface fails is part of which
of the following practices?
a. Asset management
b. Change management
c. Fault management
d. Configuration management
Practice Test
1. True or False: The scope of network management techniques differs according
to the network’s size and importance.
a. True
b. False
2. The term ____ is frequently used to describe a flaw in a software application
that causes some part of the application to malfunction.
a. bug
b. patch
c. service pack
d. system log
3. The most critical type of software upgrade a network professional will
perform is an upgrade to the ____________________.
NOS
4. If you are replacing a(n) ____ hardware
component or device, restoration is not possible.
a. faulty
b. live
c. important
d. critical
5. The network management protocol that provides for both authentication and
encryption is ____.
a. SMTP
b. SNMPv1
c. SNMPv2
d. SNMPv3
6. A patch is typically a replacement for an entire software package.
a. True
b. False
7. A(n) ____ is a graphical representation of a network's wired infrastructure.
In its most detailed form, it shows every wire necessary to interconnect network
devices.
a. wiring schematic
b. cache engine
c. event log
d. patch
8. The term ____ originally referred to an organization's system for keeping
tabs on every piece of equipment it owned.
asset management
9. Much of the information collected in event
logs and syslog files does not point to a problem, even if it is marked with a
warning.
a. True
b. False
10. ____ are graphical representations of a
network's devices and connections.
network diagrams
11. Examples of ____ include migrating from token ring to Ethernet, migrating
from a slower technology to a faster one, and replacing routers with switches
(to make use of VLANs, for example).
backbone upgrades
12. A patch is a form of a(n) ____ change.
a. hardware
b. software
c. monitoring
d. asset
13. Network traffic patterns might be difficult to forecast, because you cannot
predict users' habits, effects of new technology, or changes in demand for
resources over a given period of time.
a. True
b. False
14. An up-to-date asset management system allows you to avoid searching through
old invoices and troubleshooting records to answer.
a. True
b. False
15. The term ____ refers to the detection and signaling of device, link, or
component faults.
fault management
16. The term ____ refers to monitoring how well links and devices are keeping up
with the demands placed on them.
a. traffic shaping
b. performance management
c. polling
d. fault management
17. The first step in asset management is to take an inventory of each node on
the network.
a. True
b. False
18. Because of its status in the networking world and the volume of networking
hardware it sells, ____________________ has set trends for network diagramming.
Cisco
19. ____________________ upgrades affect all
users at once.
Shared application
20. Traffic shaping can involve delaying less important traffic, increasing the
priority of more important traffic, limiting the volume of traffic flowing in or
out of an interface during a specified time period, or limiting the momentary
throughput rate for an interface.
a. True
b. False
21. In addition to internal policies, a network manager must consider ____
regulations that might affect her responsibilities.
a. state
b. federal
c. state and federal
d. local
22. ____ simplifies maintaining and upgrading the
network chiefly because you know what the system includes.
a. Performance management
b. Polling
c. Asset management
d. Network management
Chapter Test
1. The most comprehensive and complex upgrade
involving network hardware is a ____ upgrade.
a. NOS
b. cabling
c. printer
d. backbone
2. For a cabling upgrade, the best way to ensure that future upgrades go
smoothly is to carefully document the existing cable after making any upgrades.
a. True
b. False
3. A ____ is a correction, improvement, or enhancement to a software
application.
a. revision
b. patch
c. change
d. software upgrade
4. ____ management is the collection, storage,
and assessment of information related to the versions of software installed on
every network device and every device’s hardware configuration.
a. Performance
b. Configuration
c. Change
d. Asset
5. The process of reverting to a previous version of software after attempting
to upgrade it is known as ____.
a. backleveling
b. downgrading
c. reverse engineering
d. change back
6. The most critical type of software upgrade you will perform is an upgrade to
your ____.
a. application
b. NOS
c. database
d. backbone
7. A network management agent is a ____ that collects information about a
device’s operation and provides it to the network management application.
a. hardware device
b. software routine
c. GUI
d. probe
8. The most common type of caching is ____ caching.
a. online
b. device
c. Internet
d. Web
9. A key component in managing networks is identifying and tracking its hardware
and software through ____ management.
a. asset
b. change
c. configuration
d. performance
10. A(n) ____ is a graphical representation of a network’s devices and
connections.
a. network diagram
b. event viewer
c. wiring schematic
d. Multi Router Traffic Grapher
11. Because backbone upgrades are expensive and time consuming, the first step
in approaching such a project is to ____ it.
a. research
b. justify
c. document
d. plan
12. A networked ____ is perhaps the simplest device to add.
a. server
b. hub
c. workstation
d. printer
13. ____ is the local storage of frequently needed
files that would otherwise be obtained from an external source.
a. Segmentation
b. Paging
c. Swapping
d. Caching
14. The first step in configuration management is to take an inventory of each
node on the network.
a. True
b. False
15. The more data you gather while establishing your network’s baseline, the
less accurate your prediction will be.
a. True
b. False
16. A(n) ____ is a graphical representation of a network’s wired infrastructure.
a. event viewer
b. wiring schematic
c. Multi Router Traffic Grapher
d. network diagram
17. The definition of managed devices and their data are collected in a(n)
____________________.
MIB
18. The process where one network management console collects data from multiple
networked devices at regular intervals is known as ____.
a. interrogating
b. base lining
c. pushing
d. polling
19. ____________________ refers to the assessment,
monitoring, and maintenance of all aspects of a network.
Network management
20. Above all, keep ____ in mind when you upgrade or install hardware on a
network.
a. time
b. safety
c. costs
d. user inconvenience
21. Documenting and capturing an accurate picture of a network’s physical and
logical elements are initial steps in understanding the network.
a. True
b. False
22. A(n) ____________________ is a report of the
network’s current state of operation.
baseline
23. A ____ is a network device devoted to storage and delivery of frequently
requested files.
a. server
b. cache engine
c. Web site host
d. database host
24. ____ upgrades typically overwrite some system
files on the workstation, so their installation may affect other applications
adversely.
a. Patch
b. Application
c. Principle
d. Full
25. ____ management refers to monitoring how well
links and devices are keeping up with the demands placed on them.
a. Performance
b. Configuration
c. Network
d. Fault