NETWORK

ADMINISTRATI
SUB CODE: KS_C_FC-592
9TH SEM M.SC. (CA & IT)

ON
 • PROCESS
MANAGEMENT
• AUTOMATED TASKS
• ARCHIVING
NETWORK ACCESS
• INTRODUCTION OF

UNIT 4: WINDOW SERVER

• INSTALLATION
• OVERVIEW OF
ACTIVE DIRECTORY
INFRASTRUCTURE
• CONFIGURING
ADDS
 PROCESS
MANAGEMENT
& AUTOMATED
TASKS
  Process Management
PROCESS  A process is basically a program that is in its
MANAGEMENT execution phase.
& AUTOMATED  Process Control Blocks
TASKS  Process Scheduling
  Automated tasks
 Network Automation:
 Network automation removes the manual
steps necessary to manage networks—such
PROCESS as
MANAGEMENT logging into routers, switches, load
& AUTOMATED balancers, and firewalls to change
TASKS configurations by hand before logging out.
 Network automation relies on chained
scripts programmed at the command-line
interface (CLI) level of an operating system
(OS) or prepackaged automation software.
  Why automate networks?
 Even as underlying technologies have
evolved, network management has
remained largely the same for decades.
PROCESS
 Networks are typically built, operated, and
MANAGEMENT
maintained by hand.
& AUTOMATED
 However, traditional, manual approaches to
TASKS
network configuration and updates are too
slow and error-prone to effectively support
the needs of rapidly shifting workload
requirements.
  How does network automation work?
PROCESS  2 extremes: command line automation and
MANAGEMENT automation software.
& AUTOMATED  At the most basic level, you can automate
TASKS network components using standard CLI
commands and arguments.
  For example, Linux operating system
administrators can use Bash operators to chain
events based on previous commands’ successes
(&&) or failures (||).
PROCESS  Or, users could compile command lists into
MANAGEMENT text files—known as shell scripts—that can be
& AUTOMATED repeatedly carried out all at once with a single
execution command.
TASKS
 Automation software products can consolidate
network tasks into pre-packaged programs that
can be selected, scheduled, and executed from
the app’s front end.
  What network operations can be automated?
 Network configurations
 Manual network configuration can result in
inconsistencies, misconfigurations, and network
instabilities, making it difficult to deliver the
PROCESS high level of service needed for digital business
MANAGEMENT operations.
& AUTOMATED  Automation helps you standardize network
TASKS management processes to enforce best
practices.
 Network operations teams can rapidly and
easily deliver services at scale and reduce mean
time to resolution (MTTR) for service
interruptions.
  What network operations can be automated?
 Load balancing and failover
 Application loads must be balanced across
infrastructure to optimize performance and
PROCESS costs.
MANAGEMENT  Manually balancing loads can lead to poor
& AUTOMATED application performance and delay failover
TASKS when system problems arise.
 Automating your load balancers eliminates the
need for manual intervention, permitting faster
ongoing adjustments and failover for improved
application performance and reliability.
  What network operations can be automated?
 Patching

 Password Resets
PROCESS  Freeing Up Server Disk Space
MANAGEMENT  Disk Usage Scans
& AUTOMATED  Restarting Services
TASKS  Reboots

 Malware Scans
 Malware Scans
ARCHIVING
NETWORK
ACCESS
  Network Access (Logs)
ARCHIVING
NETWORK  Archiving Network Access
ACCESS
  Why log archival is important for
network security?
 Network devices like workstations, servers,
routers, and firewalls generate a large
volume of logs every day.
ARCHIVING  These digital bread crumbs can be your
NETWORK greatest ally in network security;
ACCESS  following them could point you towards
potential data breaches and network
vulnerabilities.
 Besides analysing logs, it’s equally
important to preserve them.
  Logs can be crucial in mitigating attacks
 Discovering an attack is often just the tip of
the iceberg.
 In cases where an attacker infiltrated your
ARCHIVING
NETWORK network ahead of time, forensic analysis of
logs can help you discover how the network
ACCESS was compromised in the first place.
 Once that’s established, you can take
measures to ensure the same vulnerability
isn’t exploited again.
  For instance, say multiple unauthorized
access attempts from a suspicious source
ARCHIVING are detected on a critical server and you
NETWORK need to investigate the incident.
ACCESS  At times like these, your network logs will
be crucial in charting out your course of
action.
  Archiving logs for compliance
 Preserving relevant electronic records such
ARCHIVING as network logs is essential in complying
NETWORK with regulations like the Sarbanes-Oxley
Act of 2002, established a set of auditing
ACCESS and financial regulations that public
companies in the United States must adhere
to.
INTRODUCTION
OF WINDOWS
SERVER &
INSTALLATION
  Microsoft Windows Server OS is a series of
INTRODUCTION enterprise-class server operating systems
OF WINDOWS designed to share services with multiple
SERVER & users and provide extensive administrative
INSTALLATION control of data storage, applications and
corporate networks.
  Development for Windows Server started in
the early 1980s when Microsoft produced
two operating system lines: MS-DOS and
INTRODUCTION Windows NT.
OF WINDOWS  Prior to the release of Windows NT, many
SERVER & companies relied on the Unix operating
INSTALLATION system that required expensive RISC-based
hardware to run file and printing services.
Windows NT had the ability to run on less
costly x86 machines.
 A key feature in the NT architecture is
INTRODUCTION symmetric multiprocessing.
OF WINDOWS  Later iterations of Windows Server can be
SERVER & deployed either on hardware in an
INSTALLATION organization's data center or on a cloud
platform, such as Microsoft Azure.
  Key features in later versions of Windows
Server include
 Active Directory, which automates the
INTRODUCTION management of user data, security and
OF WINDOWS distributed resources, and enables
SERVER & interoperation with other directories; and
INSTALLATION  Server Manager, which is a utility to
administer server roles and make
configuration changes to local or remote
machines.
  Planning:
 The Windows Server 2012 R2 Edition you
INTRODUCTION choose should be based on multiple factors,
OF WINDOWS including:
SERVER &  The roles you intend the servers to perform
INSTALLATION  The virtualization strategy you intend to
implement
 The licensing strategy you plan to use
  Windows Server 2012 R2 Core Editions:
INTRODUCTION  Windows Server 2012 R2 Datacenter
OF WINDOWS  Windows Server 2012 R2 Standard
SERVER &
 Windows Server 2012 R2 Essentials
INSTALLATION
 Windows Server 2012 R2 Foundation
  Datacenter:
 Designed for large and powerful servers
INTRODUCTION  Supports up to 64 processors
OF WINDOWS  Fault tolerance—hot-add processors
SERVER &  Only available to purchase through:
INSTALLATION  Microsoft volume-licensing program
 Originalequipment manufacturers (OEMs),
bundled with a server
  Standard:
INTRODUCTION  Includes the full set of Windows Server
OF WINDOWS 2012 R2 features
SERVER &  Only differs from Datacenter by the number
INSTALLATION of virtual machine instances permitted by
the license
  Essentials:
 Includesnearly all features from Datacenter
and Standard editions, except:
INTRODUCTION  Server Core
OF WINDOWS  Hyper-V
SERVER &  Active Directory Federation Services
INSTALLATION
 Limited to one physical or virtual server
instance
 Maximum of 25 users
  Foundation:
 Reduced version of the operating system
INTRODUCTION designed for small businesses
 Supports only basic server features:
OF WINDOWS
SERVER &  File and print services
INSTALLATION  Application support
 No virtualization rights
 Limited to 15 users
  Supporting Server Roles:
3 basic categories of server roles:
 Directory services
 Store, organize, and supply information
INTRODUCTION
about a network and its resources.
OF WINDOWS
 Infrastructure services
SERVER &
 Provide support services for network clients
INSTALLATION
 Application services
 Provide communication services, operating
environments or programming interfaces for
specific applications.
  Supporting Server Virtualization:
 POSE: Physical operating system environment
 VOSE: Virtual operating system environment
INTRODUCTION
OF WINDOWS Edition POSE Instances VOSE Instances
SERVER & Datacenter 1 Unlimited
INSTALLATION
Standard 1 2

Foundation 1 0

Essentials 1 POSE or VOSE 1 POSE or VOSE

  System Requirements:
 Minimum system requirements for all
INTRODUCTION editions of Windows Server 2012 R2:
OF WINDOWS  Processor: 1.4 GHz 64-bit
SERVER &  RAM: 512 MB
INSTALLATION  Disk space: 32 GB
 DVD or USB flash drive
 Super VGA or higher resolution monitor
  Performing a Clean Installation:
INTRODUCTION 1. Connect and power on all devices.
OF WINDOWS 2. Boot from the Windows Server installation
SERVER & DVD.
INSTALLATION 3. Select Language, Time and Currency format,
and Keyboard layout.
  Performing a Clean Installation:
INTRODUCTION 4. Click Install Now.
OF WINDOWS 5. Select your edition of Windows Server 2012
SERVER & R2.
INSTALLATION 6. Select Custom: Install Windows only
(advanced).
INTRODUCTION
OF WINDOWS  Performing a Clean Installation:
SERVER & 7. Select the partition on which to install.
INSTALLATION
INTRODUCTION
OF WINDOWS  Performing a Clean Installation:
SERVER & 8. After installation, set your password.
INSTALLATION
 OVERVIEW OF
ACTIVE
DIRECTORY
INFRASTRUCTURE,
CONFIGURING
ADDS
  What is Authentication?
 Authentication is the process of verifying
a user’s identity on a network.
OVERVIEW OF
ACTIVE
Authentication includes two components:
DIRECTORY
INFRASTRUCTU • Interactive logon: grants
access to the local
• Network authentication:
grants access to network
RE, computer resources

CONFIGURING
ADDS
  What is Authorization?
 Authorization is a process of verifying
OVERVIEW OF that an authenticated user has permission
ACTIVE to perform an action.
DIRECTORY  Authorization happens frequently and
INFRASTRUCTU unobtrusively whenever users request
RE, services, like
CONFIGURING opening their home folder,
ADDS reading/writing files, or
when requesting access to an AD DS
aware application.
 OVERVIEW OF
ACTIVE
DIRECTORY  The user only sees the result of the
INFRASTRUCTU authorization. (they are granted or denied
RE, access.)
CONFIGURING
ADDS
 OVERVIEW OF  WhyDeploy ADDS (Active Directory
ACTIVE Domain Services) ?
DIRECTORY A central repository for identity
INFRASTRUCTU management.
RE,  Provides authentication and
CONFIGURING authorization services through Group
ADDS Policy.
 OVERVIEW OF  Provides information management and
ACTIVE sharing services enabling users to find
DIRECTORY any component by searching the
INFRASTRUCTU directory.
RE,  Inessence, Active Directory acts like a
CONFIGURING phonebook for your network so you can
ADDS look up and manage devices easily.
  ADDS is composed of both physical and
logical components:

Physical Components Logical Components

OVERVIEW OF
• Data store • Partitions
ACTIVE
• Domain controllers • Schema
DIRECTORY
• Global catalog server • Domains
INFRASTRUCTU
• Read-Only Domain • Domain trees
RE, Controller (RODC)
• Forests
CONFIGURING
ADDS • Sites
• Organizational units
(OUs)