Section 13.1 Describe the role of SNMP in network management
30
Section 13.1 • Describe the role of SNMP in network management • Demonstrate how user and group accounts are used Section 13.2 • Demonstrate how log files can be used to resolve problems • Explain common backup strategies • List tasks to be performed to properly maintain computer systems
description
Section 13.1 Describe the role of SNMP in network management Demonstrate how user and group accounts are used Section 13.2 Demonstrate how log files can be used to resolve problems Explain common backup strategies List tasks to be performed to properly maintain computer systems. - PowerPoint PPT Presentation
Transcript of Section 13.1 Describe the role of SNMP in network management
Section 13.1• Describe the role of SNMP in network management• Demonstrate how user and group accounts are used
Section 13.2• Demonstrate how log files can be used to resolve problems• Explain common backup strategies• List tasks to be performed to properly maintain computer systems
Section 13.3• Execute simple Windows and Linux script commands• Identify how script files can be used in a network environment• Explain the roles of the shell and the kernel in an operating system
Section 13.4• Identify common methods of securing network data• Create a network security plan
13.1pp. 370-375
Main Ideas
SNMP-compliant devices can store and communicate information about themselves. Individual users can be added to groups, and groups can be assigned to resource permissions to make access management easier.
Key Terms
Simple Network Management Protocol (SNMP)
Management Information Base (MIB)
username
account policies
permissions
Guide to Reading
The Basics of Managing Networks
13.1pp. 370-375
The Simple Network Management Protocol (SNMP) was designed to allow devices to store this information in a database called a Management Information Base (MIB).
This information can then be retrieved by special applications known as SNMP management applications.
Simple Network Management Protocol (SNMP) A protocol that allows a device on the network to store information about itself, then return that information when asked. SNMP-compliant devices are able to store information about themselves. (p. 370)
Management Information Base (MIB) A database in which information about an SNMP device, called an agent, is stored. (p. 370)
Managing Equipment and SNMP
The Basics of Managing Networks
13.1pp. 370-375
Managing People
Users are network resources that must be managed.
At the network level, user access to resources is carefully defined. For example, only certain individuals might be allowed to create files within a certain folder on the network. Anyone else attempting to create a file there gets an access denied message.
The Basics of Managing Networks
13.1pp. 370-375
An account must be created for a user before that user can log on to the network.
The user account also establishes the username and password.
username A logon name that identifies a specific user on the network. (p. 372)
Managing People
The Basics of Managing Networks
13.1pp. 370-375
After the user account is established, permissions can be assigned.
A network administrator may have an account policy that requires a secure, strong password.
Permissions can be set on a per-user basis. However, it is less time-consuming for an administrator to assign permissions to groups of users simultaneously.
account policy Acceptable user practices. (p. 373)
permissions Also called security settings. Permissions determine the resources to which a user has access. (p. 373)
Managing People
The Basics of Managing Networks
13.1pp. 370-375
Managing People
Groups are used to assign network access permission to many users at a time.
Most of the time, a group’s boundaries is a department.
For example, users in the Computer Aided Drafting (CAD) department could be formed into a CAD Users group.
The Basics of Managing Networks
13.1pp. 370-375
You Try It
• Activity 13A – Viewing Permissions Settings (p. 374)
The Basics of Managing Networks
13.2pp. 377-382
Main Ideas
Log files and auditing tools are used to monitor networks. Proper maintenance of systems includes caring for the physical well-being, as well as upgrading hardware and software. Data should be backed up regularly.
Key Terms
log file
auditing
replication
uninterruptible power supply (UPS)
Guide to Reading
Networking Monitoring & Maintenance
13.2pp. 377-382
When a system develops problems, log files often serve as the first source of diagnostic information.
A boot log file is created when a system boots.
A log file created by a firewall application can help identify the IP address of a hacker trying to access the system.
log file A simple text file that records information about the device, system, or application. (p. 377)
Basics of Network Monitoring
Networking Monitoring & Maintenance
13.2pp. 377-382
Network auditing can return information about the hardware and software on the network.
System audits are performed for several reasons, including: • verify software licenses are being used illegally• record what software is in use throughout the network• Inventory hardware on a network• prepare readiness reports prior to upgrading hardware or software
auditing The process of examining and verifying information. (p. 379)
Basics of Network Monitoring
Networking Monitoring & Maintenance
13.2pp. 377-382
Important maintenance software and hardware tasks:
• Keep virus definitions up-to-date. • Defragment the hard drive.• Check the case for dust and other debris once per month.• Ensure computers are plugged into a surge protector.• Servers and other essential systems should be connected to an uninterruptible power supply (UPS) device.
uninterruptible power supply (UPS) A large rechargeable battery that provides power to connected devices for a period of time if main electrical power goes out. (p. 381)
Scheduled Maintenance and Upgrades
Networking Monitoring & Maintenance
13.2pp. 377-382
Scheduled Maintenance and Upgrades
The rule is simple: If you cannot get along without it, back it up.
Networking Monitoring & Maintenance
13.2pp. 377-382
You Try It
• Activity 13B – Viewing Dr. Watson Log Files (p. 378)
Networking Monitoring & Maintenance
13.3pp. 384-388
Main Ideas
Script files are often used as part of the boot and logon processes to control which resources are available to the user. Linux commands are interpreted by a shell and passed to the Linux kernel for execution.
Key Terms
script
batch file
kernel
shell
alias
Guide to Reading
Basic Scripting
13.3pp. 384-388
Scripts to Manage
Logon scripts often work in conjunction with the domain controller to determine the group to which a user belongs.
Third-party scripting applications reduce the headache of creating scripts.
Basic Scripting
13.3pp. 384-388
Using Microsoft Active Directory, system administrators can assign individual users, or groups, a customized logon script. This allows a user to have network resources configured and available in whatever arrangement he or she needs.
Scripts are simple text files, often stored with a “.bat” extension. This extension identifies the files as a batch file.
batch file A file similar to a script—each line contains instructions that can be read and executed by the operating system. (p. 385)
Windows Scripts
Basic Scripting
13.3pp. 384-388
At the heart of the Linux OS is the Linux kernel. A shell is used as the interface from a human being to the kernel.
kernel The part of a program that is responsible for allocating resources and communicating directly with the hardware. (p. 387)
shell An interface from a human being to the kernel that provides commands that a user can execute on a processor. (p. 387)
Linux Scripts
Basic Scripting
13.3pp. 384-388
The shell provides commands that a user can execute. The shell then interprets the user-friendly command into a kernel-friendly command. The kernel then translates the command to something the processor understands.
Linux Scripts
Basic Scripting
13.3pp. 384-388
Commands in Linux often seem long and cryptic, especially to a Linux newbie, or beginner.
Fortunately, these commands can be aliased to something easier to remember.
alias A shortcut method for using or writing a command. (p. 388)
Linux Scripts
Basic Scripting
alias cdrom="mount /mnt/cdrom"alias ucdrom="umount /mnt/cdrom"
13.3pp. 384-388
Linux Scripts
Basic Scripting
Here is an example that would be a great addition to a logon script:
The first line creates (aliases) a new command, called “cdrom,” that executes the “mount /mnt/cdrom” command. The second line aliases the command “ucdrom” to unmount the drive.
13.3pp. 384-388
You Try It
• Activity 13C – Working with Windows Batch Commands
(p. 385)
Basic Scripting
13.4pp. 389-392
Main Ideas
Network security is a serious responsibility and must always be maintained. Access permissions permit access to the resource. Network security incorporates firewalls, proxies, encryption, and frequent review of security logs. Computer viruses are malicious programs.
Key Terms
password-protected shareaccess permissionNetwork Address Translation (NAT)boot-sector virusfile infector virus
Guide to Reading
Ensuring Network Security
13.4pp. 389-392
Planning for Network Security
Maintaining network security requires a balance between facilitating easy access to data by authorized users and restricting access to data by unauthorized users. The network administrator creates this balance.
Four major threats to the security of data on a network are:
• unauthorized access
• electronic tampering
• theft
• intentional or unintentional damage
Ensuring Network Security
13.4pp. 389-392
Assigning permissions and rights to network resources are at the heart of securing the network.
Two security models have evolved for keeping data and hardware resources safe:
• password-protected shares• access permissions
password-protected share A security method for keeping data and hardware resources safe in which a password is assigned to each shared resource. In most peer-to-peer networks it is the only type of security available. (p. 390)
access permission Access rights assigned to objects (such as files, folders, and printers) on a per-user basis. (p. 390)
Security Models
Ensuring Network Security
13.4pp. 389-392
Security Models
This table outlines the major permissions available on Windows networks.
Ensuring Network Security
13.4pp. 389-392
The network administrator can increase the level of security on a network by several means:
• firewalls• proxies• auditing• encrypting data
Proxy servers also protect the network using a feature called Network Address Translation (NAT).
Network Address Translation (NAT) A network method of shielding the internal IP addresses from the outside world by filtering outbound network traffic. (p. 392)
Security Enhancements
Ensuring Network Security
13.4pp. 389-392
There are two categories of viruses:
• boot-sector viruses
• file infector viruses
Here is a list of the more common file infectors:
• companion virus
• macro virus
• polymorphic virus
• stealth virus
boot-sector virus A virus that executes when the computer is booted. (p. 392)
file infector A virus that attaches itself to a file or program and activates any time the file is used. (p. 392)
Computer Viruses
Ensuring Network Security
Resources
For more resources on this chapter, go to the Introduction to Networks and Networking Web site at http://networking.glencoe.com.
Chapter 13
