MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network
Objectives Use management consoles to maintain Windows Server 2008 Update and maintain your clients using Windows Server Update Service Monitor Windows Server 2008 using built-in and downloadable utilities Perform backup and restore tasks with Windows Server 2008 2
Managing Windows Server 2008 Microsoft Management Console (MMC) 3.0 Improved version of the MMC that has been used in past versions of Windows Server Building custom MMCs You can create a custom snap-in console for the following reasons To centralize tools you use on a regular basis To provide access to users that need to use specific snap-ins to perform their jobs 3
Managing Windows Server 2008 (continued) Activity 11-1: Creating a Custom MMC Console Time Required: 15 minutes Objective: Work with snap-ins and the MMC console 4
Server Manager Console Server Manager lets you manage components in the following sections Roles Features Diagnostics Configuration Storage 5
6
Server Manager Console (continued) Servermanagercmd.exe Provides a command-line utility so that you can perform automated installations or removals of roles, role services, and features 7
8
Server Manager Console (continued) Activity 11-2: Using servermanagercmd.exe Time Required: 15 minutes Objective: Use servermanagercmd.exe command switches 9
Updating Windows Server 2008 Windows Update Suite of tools and services provided by Microsoft for applying updates to systems Responsible for managing the download and installation process of updates from Microsoft Requires access to the Internet 10
11
Windows Server Update Services Centralizes the updating tasks for client and server computers Benefits of WSUS Centralizes update management Minimizes effects on the WAN connection Improves network security and reliability Improves installation of relevant updates Targets updates to specific computers and computer groups 12
Windows Server Update Services (continued) Basic requirements before installing WSUS 3.0 SP1 Microsoft Internet Information Services (IIS) 7.0 Microsoft Report Viewer Redistributable 2005 Minimum of 6 GB of free space for storing downloaded updates 13
Windows Server Update Services (continued) Activity 11-3: Performing Preinstallation Tasks for WSUS Time Required: 15 minutes Objective: Prepare for the WSUS installation 14
Windows Server Update Services (continued) Activity 11-4: Installing WSUS Time Required: 15 minutes Objective: Install WSUS 3.0 SP1 15
Windows Server Update Services (continued) Activity 11-5: Configuring WSUS Using the WSUS Setup Wizard Time Required: 20 minutes Objective: Run the WSUS Setup Wizard 16
Windows Server Update Services (continued) Working with WSUS WSUS Administrative console allows you to: Generate reports Manage updates Monitor the computer through the console 17
18
19
20
Windows Server Update Services (continued) Activity 11-6: Working with the Update Services Console Time Required: 15 minutes Objective: Modify the configuration settings for WSUS 21
Windows Server Update Services Configuring clients (continued) After WSUS has been installed and configured in the WSUS console Your clients need to be configured to use the WSUS server for updates 22
Windows Server Update Services (continued) Activity 11-7: Configuring Group Policy Settings for WSUS Clients Time Required: 30 minutes Objective: Using Group Policy to deploy WSUS client settings 23
Windows Server Update Services (continued) Activity 11-8: Verifying Client Settings Time Required: 30 minutes Objective: Verify that client computers have the correct settings 24
Windows Server Update Services (continued) Approving and deploying updates Using the Update Services console, you can control Which updates are applied Which computers receive the updates When the updates are distributed 25
Windows Server Update Services (continued) Activity 11-9: Approving Updates Time Required: 30 minutes Objective: Approve updates for clients 26
Microsoft Baseline Security Analyzer 2.1 Excellent tool for beginning to analyze your current security posture MBSA scans for missing security updates for the following products Windows 2000 SP4 and later operating systems and components Microsoft Office XP and later Microsoft Exchange Server 2000 and later Microsoft SQL Server 2000 SP4 and later 27
Microsoft Baseline Security Analyzer MBSA 2.1 (continued) Free download from Microsoft Can be used on a local computer or to connect to one or more remote computers on your network Options for running MBSA on remote computers Domain name and IP address range 28
Microsoft Baseline Security Analyzer 2.1 (continued) Activity 11-10: Running MBSA from the Command Line Time Required: 10 minutes Objective: Use mbscli.exe to complete MBSA scans from the command line 29
Monitoring Windows Server 2008 Windows Server 2008 utilities Event Viewer Reliability and Performance Console Network Monitor Task Manager Disk Management 30
Working with Event Viewer Each event in Event Viewer is classified by severity Event Viewer Console Sections include: Custom Views Windows Logs Applications and Services Logs Subscriptions Windows Remote Management (WinRM) Command-line tool service used to configure a computer to accept WS-Management requests 31
32
33
Working with Event Viewer (continued) Activity 11-11: Preparing MSN-SRV-1XX for Remote Log Collection Time Required: 5 minutes Objective: Configure Windows Server 2008 Enterprise clients for remote logging and administration 34
Working with Event Viewer (continued) Activity 11-12: Preparing MSN-SC-0XX for Remote Log Collection Time Required: 15 minutes Objective: Configure Windows Server 2008 Server Core clients for remote logging and administration 35
Working with Event Viewer (continued) Activity 11-13: Configuring an Event Subscription with a Remote Server Time Required: 15 minutes Objective: Create an event subscription 36
Reliability and Performance Console Provides a suite of utilities for monitoring and capturing performance data for local and remote systems Divided into the following areas Resource Overview Monitoring Tools including Performance Monitor and Reliability Monitor Data Collector Sets Reports 37
Reliability and Performance Console Resource Overview (continued) Provides a real-time summary based on the four key components: CPU, disk, network, and memory Performance Monitor Can display real-time or historical data of local or remote computers Reliability Monitor Provides an overview of system stability 38
Reliability and Performance Console (continued) Activity 11-14: Working with Performance Monitor Time Required: 15 minutes Objective: Learn about Performance Monitor 39
Reliability and Performance Console Data Collector Sets (continued) Acts as a central repository for gathering information for Reliability and Performance Monitor Generating Reports Reports section provides a central reporting location for the information gathered by the Data Collector Sets 40
Reliability and Performance Console (continued) Activity 11-15: Working with Data Collector Sets Time Required: 15 minutes Objective: Use Data Collector Sets 41
Network Monitor Built-in utility for capturing and viewing network traffic as it arrives or leaves a server Helps you determine whether traffic is reaching a destination Lets you view encrypted ESP packets to verify that Internet Protocol Security policies are being properly applied 42
Network Monitor (continued) Activity 11-16: Installing Network Monitor 3.2 Time Required: 15 minutes Objective: Install Network Monitor 3.2 43
Network Monitor (continued) Activity 11-17: Working with Network Monitor Time Required: 15 minutes Objective: Capture and save frame data with Network Monitor 44
Disk Management Disk Management console Provides central location for administering the physical hard disks and disk-based devices attached to a server NTFS Disk Quotas Allow you to track disk usage by users and enforce disk space limits on disk volumes Volume Shadow Copy service (VSS) Allows you to set up manual or automatic backup copies of files or folders 45
46
Disk Management (continued) Activity 11-18: Working with Volume Shadow Copies Time Required: 15 minutes Objective: Enable VSS and restore a file from Previous Versions 47
Backup and Restore in Windows Server 2008 (continued) Activity 11-19: Installing WSB and Command-Line Tools Time Required: 15 minutes Objective: Install WSB and command-line tools 48
Backup and Restore in Windows Server 2008 Windows Server Backup (WSB) Provides backup and recovery of your files, folders, volumes, and application data on Windows Server 2008 Works by using VSS and the Block Level Backup Engine service Installing Windows Backup Add this feature through the Add Features Wizard using servermanagercmd.exe 49
Backup and Restore in Windows Server 2008 (continued) Configuring Windows Backup Choices include: Backup Schedule, Backup Once, Recover WSB supports three backup options Always perform full backup Always perform incremental backup Custom Restoring with WSB Bare-metal backup: process where a server can be restored to a clean machine in a single step 50
51
Backup and Restore in Windows Server 2008 (continued) Activity 11-20: Running a Manual Backup on a Remote Server Time Required: 45 minutes Objective: Perform a remote manual backup 52
Backup and Restore in Windows Server 2008 (continued) Activity 11-21: Restoring Files with WSB Time Required: 15 minutes Objective: Restore an individual file 53
Summary MMC 3.0 Provides a framework for tools, referred to as snapins, to add to the console Server Manager Lets you manage roles, features, diagnostics, configuration, and storage Use Windows Update to update your system to correct security holes 54
Summary (continued) WSUS Centralizes the updating tasks for client and server computers You can configure WSUS by running the WSUS Server Configuration Wizard MBSA 2.1 Tool for beginning to analyze your current security posture When monitoring Windows Server 2008 Event Viewer allows you to review and manage events for local and remote computers 55
Summary (continued) The Reliability and Performance console Provides a suite of utilities for monitoring and capturing performance data for local and remote systems Reliability Monitor Provides an overview of system stability by listing details about events that have affected reliability Data Collector Set Acts as a central repository for gathering information for Reliability and Performance Monitor 56
Summary (continued) Network Monitor Built-in utility for capturing and viewing network traffic as it arrives or leaves a server VSS Allows you to set up manual or automatic backup copies of files WSB Provides backup and recovery of your files, folders, volumes, and application data 57