STUDY GUIDE for MCSE Exam 70-221: Designing a Windows 2000 Network Infrastructure
Key Concepts
ANALYZING BUSINESS REQUIREMENTS
The technical aspects of network infrastructure design require
detailed planning. Without thoroughly considering the business
requirements for the network infrastructure, the design project is
likely to result in a network that is too simple to support the
demands placed upon it or too complex to deliver results efficiently
and cost effectively.
Analyzing Business Models
There are 5 basic types of business models:
International - In the International model you are likely to see all
issues that could possibly be considered. This model increases the
complexity of the issues in the National model by including the
requirement that all national sites must inter-operate. New issues
that arise in this model include cultural and language barriers and
international politics.
National - A National business model is applied to a business whose
scope spans an entire country. This business model involves all the
types of concerns that are included in the Regional model, but
includes multiple regions. This increases the importance of each
region's concerns, because all regions must interoperate.
Regional - This business model is applied if your design comprises
network locations in a particular regional area of a single country.
Regional networks often span multiple counties or states. This model
includes considerations that are specific to the region, such as the
relationship between communications providers, environmental
concerns, and landscape concerns.
Subsidiary - This model is a smaller scale than the models discussed
so far. In a Subsidiary model, concerns such as internal company
politics increase in importance as you shape your design to allow
the subsidiary network to interoperate with the infrastructure owned
by the parent company.
Branch Office - In a branch office, you see the smallest business
model. In this model, you focus on the specific function of the
branch office and what services it must offer to or receive from the
company headquarters and other branch offices.
You should also know and understand the following terms:
O - Information flow. Information flow processes have to do with the
way information is distributed throughout the company. It describes
what information is available, who needs it, and in what order they
receive it. Another term that describes this is "logical data
flow." The way information flows logically from one part of the
organization to the other happens without regard to the physical
structures that support it.
O - Communication flow. Communication flow tracks the path that data
follows through the network infrastructure during the course of
day-to-day operations of the business. This is also referred to as
"physical data flow."
O - Service and product life cycles. The entire period from the
initial concept of the product or service to the complete removal of
the product or service from the market, and all the events that
transpire between, is called the life cycle of the product or
service.
O - Decision-making. In some organizations, decisions are made
quickly and changes can occur rapidly. In others, there is a
complicated process that must be executed before the slightest thing
can be done.
Analyzing Organizational Structures
The important considerations when designing a network infrastructure
are the organizational structures within the company. The various
organizational structures in place will usually determine the
distribution of network resources and the type of network management
strategy that will be implemented. Below is a list of organizational
structures for you to consider when creating your design:
O - Management model. The management philosophy prevalent in the
organization has a direct impact on how the network is designed.
Companies are broadly categorized as having a centralized or
decentralized management structure. If management wants to
centralize control, this impacts how the network is configured.
O - Company organization. The organization of the company will prove
to be a major consideration for your network infrastructure design.
The distribution of resources will follow the company organization
closely.
O - Vendor, partner, and customer relationships. The relationships
that a company maintains with its vendors, partners, and customers
have an impact on the types of services that the company wants to
provide on its network.
O - Acquisitions plans. Awareness of intended acquisitions or mergers
enables you to research the specific issues that will be faced in
integrating the networks and to design solutions to those problems
from the beginning.
Analyzing Company Business Strategies
The purpose of any network infrastructure is to enable the business
to perform its day-to-day activities and meet its objectives with
the greatest efficiency. You should know the following factors:
O - Company priorities. Document all the goals of the business and
assign a priority number to each one. Goals with higher priority
levels get built into the design first, and goals with lower
priority values are included in the design only if they can be
delivered after satisfying the goals at the higher priority levels.
O - Projected growth strategy. Company growth affects the demands
placed on a network infrastructure. It is crucial that you develop
an understanding of the company's projected growth as well as its
growth strategy to ensure that the network infrastructure design
meets the demands placed upon it.
O - Laws and regulations. Sometimes the operation of a particular
business is governed by only a few relevant laws or regulations.
Other businesses, however, must adhere to a very complex and strict
set of laws and regulations. Partnering with the company's legal
team can help make you aware of any legal issues that may apply to
your project, and enables you to take advantage of its expertise in
dealing with these issues.
O - Tolerance for risk. Any time that you design something as
mission-critical as a network infrastructure, you must be acutely
aware of the risks that are involved in implementing your design.
Knowing up front the company's position and tolerance for risk can
help you avoid serious problems later. Companies that are very
risk-averse may implement more fault-tolerant features to minimize
the risk of a network failure; those less worried about network
failure will not require the same level of fault tolerance.
O - Total cost of ownership. The aggregation of all costs associated
with purchasing, implementing, supporting, and operating a network
infrastructure is referred to as the Total Cost of Ownership (TCO)
of the network infrastructure.
Analyzing IT Management
Your network infrastructure design should include an analysis of the
current and proposed IT management structure within the
organization. You should be aware of the following areas:
O - Type of administration. There are basically 2 types, centralized
or decentralized. Your network infrastructure design must
accommodate the IT administration model, whether handled centrally
in one location or distributed across the organization in a
decentralized approach.
O - Funding model. The company's approach to funding the design and
implementation projects directly impacts what you can and cannot
accomplish with your design.
O - Outsourcing. If the company for which you are designing a network
infrastructure is currently outsourcing any part of the
responsibility for installing, administering, and maintaining its
network, you need to contact the company representatives who have
been charged with that responsibility. These representatives can
help you prioritize any issues in the existing infrastructure so
that you can design your new infrastructure to resolve these issues,
or at least to accommodate them.
O - Decision-making process. Being familiar with the IT
decision-making process and planning ahead can help make the design
process flow more smoothly and bring you to the approval stage more
quickly and less stressfully.
O - Change-management process. The main purpose of a
change-management process is to eliminate downtime resulting from
changes made to the production network environment.
ANALYZING TECHNICAL REQUIREMENTS
The most obvious planning step when creating a network
infrastructure design is the analysis of technical requirements.
There are several steps to follow in order to perform a thorough and
effective analysis of the technical requirements for a network
infrastructure design.
Evaluating Technical Environment
Before you can begin your network infrastructure design you must be
able to determine three things:
1. What does the customer want to do with the network infrastructure?
2. What does the customer do with its existing network infrastructure?
3. What is the gap between the current infrastructure and the
desired infrastructure?
Answering these questions is called performing a gap analysis.
After performing a gap analysis, consider the following items:
O - Analyze company size and user and resource distribution.
Determine the total size of the user population and any plans for
future growth. In addition to the user population total, you should
look closely at the distribution of these users.
O - Assess the available connectivity between the geographic
location of work sites and remote sites. Examine each of the work
locations in the existing and the planned network infrastructure.
For each location, you need to investigate the connectivity options
available in that area.
O - Assess net available bandwidth and latency issues. Bandwidth is
the measure of the amount of data that a network link may carry at
any given time. Latency refers to the amount of time between the
moment when a network station is ready to transmit data and the
moment when the transmission is completed successfully. Latency is
sometimes also called "delay."
O - Analyze performance, availability, and scalability requirements
of services. Performance, scalability, and availability are three
terms you will hear over and over again. You should know the
definition of these three terms:
1. Performance - The capability of the network infrastructure to
meet the demands for network services effectively and efficiently.
2. Scalability - The capability of the network infrastructure to
expand or contract in accordance with the demand for network
services.
3. Availability - The percentage of time that the network
infrastructure is up and running and available for use.
O - Analyze data and system access patterns. Assess the peaks and
valleys that exist in users connecting to different systems in the
organization. Knowing when servers are going to be busy and which
machines are affected has an impact on network design.
O - Analyze network roles and responsibilities. Determine the types
of services that parts of the network will be used for. The role of
the server in the organization could provide a clue to its usage
and can be helpful in design.
O - Analyze security considerations. Security can be physical
security at the network level or logical security at the file system
level. In Windows 2000, secure communication can also be specified
between servers or between clients and servers. The type of security
requirements defined by the business practices of the organization
can impact the network design.
Analyzing the Impact of Infrastructure Design
A good infrastructure design includes an analysis of the potential
impact of the implementation so that an effective implementation
plan can be developed to minimize the costs associated with rolling
out the new design. Consider the following factors when determining
the impact of implementing your network infrastructure design:
O - Assess current applications. Examine each of the applications to
determine its requirements in terms of the network infrastructure.
Some applications will be very demanding of the network
infrastructure, generating heavy traffic and requiring high
throughput, and others will not.
O - Analyze network infrastructure, protocols, and hosts. A computer
network is comprised of many parts. Connected to this basic
infrastructure are the many individual computer systems that must
use the network. These systems are called hosts. For hosts to make
use of the network infrastructure for communications, they must
first agree to a set of rules for doing so. These sets of rules are
called protocols.
O - Evaluate network services. List all the network services that
are currently in use by the organization. Include in your list the
specific network requirements for each service.
O - Analyze TCP/IP infrastructure. A network that is based on the
TCP/IP protocol has certain elements that must be considered
carefully at the design stage in order for the network to operate
effectively and efficiently. Some of these elements are:
  O - The IP addressing scheme
  O - The IP address assignment process
  O - The hostname registration process
  O - The hostname resolution process
O - Assess current hardware. It is important to note that no matter
what you include in your network infrastructure design, it is
completely useless if the hardware in place cannot support it. You
need to take an inventory of the hardware in the existing network
infrastructure and determine which devices need to be upgraded to
ensure that each device can support the demand that will be placed
upon it.
O - Identify existing and planned upgrades and rollouts. You need to
become aware of any company plans to upgrade its existing
applications. If there is an upgrade to an existing application
available, the company may want to consider implementing the upgrade
at the same time as it implements the new network infrastructure.
Upgrading legacy applications may allow you to discontinue the use
of older, less efficient protocols.
O - Analyze technical support structure. A major component of the
total cost of ownership for the network infrastructure is the
ongoing cost to support that infrastructure. It is important to take
the time to examine the organization's technical support structure
to determine whether it can effectively support the new network
infrastructure.
O - Analyze existing and planned network and systems management.
There are numerous tools available for performing network and
systems management. You may find one or more tools currently in use.
Tools for monitoring the health of the network infrastructure
components are essential for minimizing downtime and troubleshooting
costs.
Analyzing Client Computer Access Requirements
The work performed by end users needs to be as effective, efficient,
and inexpensive as possible. Enabling this is the ultimate goal of
any network infrastructure design. Make sure you do the following:
O - Analyze end-user work needs. It is imperative that the network
infrastructure supports the work needs of the end users. Analyzing
end-user work needs involves determining who needs access to which
data, when they need it, and where it should be delivered.
O - Analyze end-user usage patterns. By examining end-user work
needs, you know what data is needed, and by whom. You should also
know where the data and its users are located. Knowing this
information can help you predict the load on the network. Knowing
the load at different points on the network can help determine how
the network should be segmented, thereby impacting the network
design.
Analyzing Disaster Recovery Strategies
The company's existing disaster recovery strategy for client
computers, servers, and the network will become an essential tool
for protecting the company's systems and data as you implement your
new design. You need to know all the details regarding the processes
involved in each of the company's disaster recovery strategies in
order to determine the impact of your new network infrastructure
design on them, and to ensure that these processes remain functional
during the implementation of your network infrastructure design.
Disaster recovery mainly deals with backups, but also deals with
fault tolerance of the network design. Issues include the loss of a
critical network component, such as a backbone switch. What will the
business impact of a network failure be, and how can it be
minimized? These elements need to be considered in designing a
network structure. However, the need to provide proper recovery in
the case of a disaster (that is, fault tolerance) should be balanced
against the associated costs and then finally compared with the
specific requirements of the organization.
DESIGNING A WINDOWS 2000 NETWORK INFRASTRUCTURE
A network infrastructure is the collection of technical network
components and services that provide the framework for data
communications and other network operations. The network
infrastructure includes:
· Network hardware, such as cabling, routers, switches, and host
computers
· Hardware and software protocols
· Network services that facilitate host communications, such as
DHCP, DNS, and WINS
· Data storage and access configuration
Network Topologies
There are two components to network topologies: the physical network
structure and the hardware protocol. Physical structure and protocol
are closely related, because hardware protocols are designed to work
with specific kinds of physical networks. The three most commonly
used network topologies are:
1. Backbone-based networks. Backbone-based networks consist of
multiple segments connected to a central segment, a backbone,
through which traffic between segments flows. An example could be a
thicknet (10Base5) Ethernet backbone network with multiple thinnet
(10Base2) segments connected to the backbone via a router.
2. Ring networks. Token-ring and Fiber Distributed Data Interface
(FDDI) are two examples of ring networks where the logical
implementation of the network topology emulates a ring.
3. Switched networks. Switched networks consist of a smart hub that
"switches" traffic between different segments. Switches can be
layer 2, where the switch port is set to receive packets based on
the MAC address, or layer 3, where the destination is determined by
the IP address.
Planning TCP/IP Networking Strategies
The TCP/IP protocol suite is the global standard for networking.
Windows 2000 Server supports the full implementation of the TCP/IP
protocol suite and connectivity and management services for
TCP/IP-based networks. It is important to know which core protocols,
services, and application-layer protocols will be used on the
network and how they will be used in terms of broadcast traffic,
retransmission, and session connections required for applications.
A routed network is two or more physical network segments that are
linked by one or more routers. You should have a good understanding
of the following:
O - Types of routed networks. Routed networks divide a large network
into two or more subnets by using a router. The router forwards
packets between the two segments to ensure all traffic reaches the
proper host.
O - Routing tables. Entries within the router that specify to which
segment a particular packet is to be forwarded based upon the IP
address. Routing tables can be configured manually using static
routes or automatically by one of the two routing protocols: Routing
Information Protocol (RIP) and Open Shortest Path First (OSPF).
O - Default gateways. A default gateway is a TCP/IP configuration
entry on each host specifying to which router to forward packets not
destined for the local network. Hosts also have a routing table and
may have multiple default gateways specified to allow for
redundancy.
O - Routing protocols. Routing protocols are protocols used by a
router to keep its routing tables updated automatically. The two
most common protocols are Routing Information Protocol (RIP) and
Open Shortest Path First (OSPF).
O - Windows 2000 Server routing configuration. The configuration of
a Windows 2000 machine tells IP to which router to forward packets
not for the local segment. This information can be retrieved by
using the Ipconfig utility or the Netstat utility.
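The host-side forwarding decision described under Routing tables and Default gateways, as an added Python example that is not from this guide or from Windows: a constructed routing table with an on-link subnet, a static route and two default gateways, resolved by longest prefix match, then failover when the primary gateway is marked dead. The addresses, interface name and metrics are constructed sample values.

```python
import ipaddress


class Route:
    """One routing-table entry: destination network, next hop, interface, metric."""

    def __init__(self, destination, gateway, interface, metric=1):
        self.network = ipaddress.ip_network(destination, strict=False)
        self.gateway = gateway          # None means directly connected (on-link)
        self.interface = interface
        self.metric = metric


class HostRoutingTable:
    """Constructed model of a host's IP routing table (not Windows code)."""

    def __init__(self):
        self.routes = []
        self.dead_gateways = set()      # gateways that stopped answering

    def add(self, destination, gateway, interface, metric=1):
        self.routes.append(Route(destination, gateway, interface, metric))

    def mark_gateway_dead(self, gateway):
        self.dead_gateways.add(gateway)

    def next_hop(self, dst):
        """Return (gateway, interface) for dst, or None if no usable route.
        The longest matching prefix wins; among equal prefixes the lowest
        metric wins, which is how a backup default gateway only gets used
        once the primary is dead."""
        addr = ipaddress.ip_address(dst)
        usable = [r for r in self.routes
                  if addr in r.network and r.gateway not in self.dead_gateways]
        if not usable:
            return None
        best = max(usable, key=lambda r: (r.network.prefixlen, -r.metric))
        return (best.gateway, best.interface)


def build_sample_table():
    """Constructed sample: a host on 192.168.10.0/24 with one static route
    and two default gateways for redundancy."""
    table = HostRoutingTable()
    table.add("192.168.10.0/24", None, "LAN")                   # on-link subnet
    table.add("10.20.0.0/16", "192.168.10.254", "LAN")          # static route
    table.add("0.0.0.0/0", "192.168.10.1", "LAN", metric=1)     # primary default gateway
    table.add("0.0.0.0/0", "192.168.10.2", "LAN", metric=2)     # backup default gateway
    return table


def demo():
    table = build_sample_table()
    before = {
        "local": table.next_hop("192.168.10.77"),    # delivered directly on the segment
        "static": table.next_hop("10.20.5.9"),       # matches the /16 static route
        "internet": table.next_hop("198.51.100.4"),  # falls through to the default route
    }
    table.mark_gateway_dead("192.168.10.1")          # primary gateway goes down
    after_failover = table.next_hop("198.51.100.4")  # backup default gateway takes over
    return before, after_failover


if __name__ == "__main__":
    print(demo())
```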
Developing DHCP Strategies
Dynamic Host Configuration Protocol (DHCP) was originally designed
to dynamically assign IP addresses to IP network hosts. Currently,
DHCP is also capable of assigning other configuration parameters to
an IP host, such as default gateways, name server addresses,
multicast addresses, and node type. Some of the other important
features of DHCP include the following:
· DHCP client computers must be guaranteed a unique IP address.
· DHCP client computers must be unaffected by a DHCP server reboot.
The client computer must receive consistent configuration
information regardless of DHCP server reboots.
· A DHCP client computer must be equipped to deal with multiple DHCP
responses, because more than one DHCP server may be available to a
given segment.
· DHCP servers must support automated assignment of configuration
information to client computers.
· Any implementation of DHCP must not require a DHCP server on each
segment. DHCP must work across routers or BOOTP relay hosts.
· DHCP must work in a multiprotocol environment.
· DHCP must coexist on a network with statically assigned IP
addresses.
· DHCP must interoperate with BOOTP relay agents and must support
legacy BOOTP clients.
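Two of the requirements above, consistent configuration across a server reboot and coexistence with statically assigned addresses, as an added Python model that is not from this guide or from the Windows 2000 DHCP service: leases are persisted to a JSON file so a restarted scope hands the same address back to the same client, and excluded (static) addresses are never offered. The scope range, MAC addresses and lease times are constructed.

```python
import json
import os
import tempfile


class DhcpScope:
    """Constructed model of one DHCP scope. Leases are written to lease_file
    so a restarted server offers the same address to a returning client;
    addresses in `exclusions` belong to statically configured hosts and are
    never handed out."""

    def __init__(self, addresses, exclusions, lease_file, lease_seconds=8 * 3600):
        self.addresses = list(addresses)
        self.exclusions = set(exclusions)
        self.lease_file = lease_file
        self.lease_seconds = lease_seconds
        self.leases = {}            # mac -> {"ip": str, "expires": int}
        self._load()

    def _load(self):
        if os.path.exists(self.lease_file):
            with open(self.lease_file) as f:
                self.leases = json.load(f)

    def _save(self):
        with open(self.lease_file, "w") as f:
            json.dump(self.leases, f)

    def _expire(self, now):
        self.leases = {m: l for m, l in self.leases.items() if l["expires"] > now}

    def offer(self, mac, now):
        """DHCPOFFER address selection: an existing lease for this MAC is
        renewed (consistent configuration), otherwise the first address
        that is neither leased nor excluded is chosen. Returns None when
        the scope is exhausted."""
        self._expire(now)
        if mac in self.leases:
            ip = self.leases[mac]["ip"]
        else:
            in_use = {l["ip"] for l in self.leases.values()} | self.exclusions
            free = [a for a in self.addresses if a not in in_use]
            if not free:
                return None
            ip = free[0]
        self.leases[mac] = {"ip": ip, "expires": now + self.lease_seconds}
        self._save()
        return ip


def demo(lease_file=None):
    """Constructed scenario: two clients, a restart, then lease expiry."""
    if lease_file is None:
        lease_file = os.path.join(tempfile.mkdtemp(), "leases.json")
    pool = ["192.168.1.%d" % n for n in range(10, 14)]   # .10 .. .13
    static = {"192.168.1.11"}                            # printer with a static address
    server = DhcpScope(pool, static, lease_file)
    first = server.offer("00-aa-bb-cc-dd-01", now=1000)          # .10
    second = server.offer("00-aa-bb-cc-dd-02", now=1001)         # .12, skipping static .11
    # "Reboot": a fresh server object reads the lease file back from disk.
    restarted = DhcpScope(pool, static, lease_file)
    after_reboot = restarted.offer("00-aa-bb-cc-dd-01", now=1002)  # still .10
    # Nine hours later both leases have expired, so .10 is free for a new client.
    reclaimed = restarted.offer("00-aa-bb-cc-dd-03", now=1002 + 9 * 3600)
    return first, second, after_reboot, reclaimed


if __name__ == "__main__":
    print(demo())
```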
Planning Name Services
Windows 2000 Server supports two name services: Domain Name System
(DNS) and Windows Internet Name Service (WINS). DNS is the Internet
name resolution service standard. The physical implementation of a
DNS namespace is supported by a distributed database. TCP/IP hosts
are identified by a Fully Qualified Domain Name (FQDN). The smallest
manageable part of the DNS namespace is known as a zone. Zones may
be either primary or secondary. A zone contains the DNS information,
known as resource records, for a contiguous portion of the DNS
namespace. There are several types of resource records in a DNS
database. The mechanism for keeping DNS server databases
synchronized is called zone transfer. DNS servers that are the
source for zone transfers are known as master servers. Requests for
information are called queries. Query types sent to the server from
a resolver are called QTYPE codes. A DNS server can service two
kinds of queries: recursive and iterative.
The most common query issued by a resolver is a recursive query.
Recursive queries place the responsibility for resolving the query
on the DNS server. Iterative queries are typically used for
name-server-to-name-server queries.
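The difference between recursive and iterative queries, as an added Python walk-through that is not from this guide: a constructed three-server namespace (a root, the com TLD and the example.com authoritative server) in which a server answering iteratively replies only from its own data (answer, referral or NXDOMAIN), while a recursive query makes the queried server follow the referrals on the resolver's behalf. Server names, the corp-dns resolver target and the 192.0.2.10 address are constructed.

```python
# Constructed namespace (not real servers): each server holds the A records it
# can answer directly and the NS delegations it can refer a querier to.
SERVERS = {
    "root":            {"a": {}, "ns": {"com.": "tld-com"}},
    "tld-com":         {"a": {}, "ns": {"example.com.": "ns1.example.com"}},
    "ns1.example.com": {"a": {"www.example.com.": "192.0.2.10"}, "ns": {}},
}


def answer_iterative(server, qname):
    """One non-recursive exchange. The server never asks anyone else: it
    returns ('ANSWER', ip), ('REFERRAL', next_server) for the closest
    delegation it knows, or ('NXDOMAIN', None)."""
    data = SERVERS[server]
    if qname in data["a"]:
        return ("ANSWER", data["a"][qname])
    best = None
    for zone, nameserver in data["ns"].items():
        if qname == zone or qname.endswith("." + zone):
            if best is None or len(zone) > len(best[0]):
                best = (zone, nameserver)      # longest matching delegation
    if best is not None:
        return ("REFERRAL", best[1])
    return ("NXDOMAIN", None)


def resolve_iteratively(qname, trace):
    """Follow referrals from the root with one iterative query per server.
    This is exactly the work a DNS server takes on when it accepts a
    recursive query. Each hop is appended to `trace`."""
    server = "root"
    for _ in range(8):                         # bounds a misconfigured delegation loop
        kind, payload = answer_iterative(server, qname)
        trace.append((server, kind, payload))
        if kind == "ANSWER":
            return payload
        if kind == "NXDOMAIN":
            return None
        server = payload                       # REFERRAL: ask the delegated server next
    return None


def recursive_query(qname, dns_server="corp-dns"):
    """The resolver's view of a recursive query: one question with the
    recursion-desired bit set, one final answer, everything else hidden."""
    trace = [("resolver->" + dns_server, "QUERY(RD=1)", qname)]
    ip = resolve_iteratively(qname, trace)     # the server does the iteration
    trace.append((dns_server + "->resolver", "FINAL", ip))
    return ip, trace


def queries_sent_by_resolver(qname):
    """Compare the client's burden: iterating itself costs one query per hop,
    a recursive query costs one."""
    trace = []
    resolve_iteratively(qname, trace)
    return {"iterative": len(trace), "recursive": 1}


if __name__ == "__main__":
    print(recursive_query("www.example.com."))
    print(queries_sent_by_resolver("www.example.com."))
```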
The protocol for dynamic update of DNS records is called Dynamic DNS
(DDNS). UPDATE records can add or delete DNS resource records. A
feature of dynamic DNS updates is that both the DHCP server and
Windows 2000 client computer support re-registration, or refreshes.
Windows 2000 client computers re-register with the DNS server every
24 hours. The Windows 2000 DHCP server re-registers downlevel client
computers when their lease is renewed.
Windows 2000 computers use DNS for name resolution. In a mixed
environment where WINS is used, Windows 2000 DNS can be configured
to perform WINS lookups. When a lookup query fails, the DNS server
queries WINS to resolve the name. When integrated into Active
Directory, DNS does not use conventional zone files to store
records. Instead, DNS records are stored in the Active Directory. To
use Active Directory zone information directly, a DNS server must be
running on a domain controller. Servers not running on DCs are
configured as secondary servers and update using standard DNS
protocols. Though Microsoft is moving to DNS as its default name
service, many existing networks still use WINS.
Designing Multiprotocol Networks
Although TCP/IP is the network protocol of choice for Windows 2000,
other protocols are supported. Windows 2000 includes support for
these additional network protocols:
NWLink - is an IPX/SPX-compatible protocol used to provide a
transport for NetWare connectivity tools and IPX/SPX client
computers. Integration of NetWare servers in a Windows 2000 network
is provided by Client and Gateway Services for NetWare on a Windows
2000 Server or Advanced Server computer. Individual Windows 2000
Professional clients can configure connectivity to a NetWare server
by installing Client Services for NetWare.
NetBEUI - is a nonroutable, fast, and efficient protocol ideal for
small networks. NetBEUI cannot be used alone if support for Windows
2000 Active Directory is required.
DLC - is an IBM-specific protocol used for gateway connectivity and
terminal emulator access to IBM midrange and mainframe systems using
SNA. Connectivity between SNA and Windows 2000 networks is provided
in Microsoft's SNA Server. DLC can also be used to connect to
network-attached printers.
AppleTalk - is used in conjunction with File Services for Macintosh
and Print Services for Macintosh to allow Macintosh clients to use
Windows 2000 Server computers for file and printer sharing.
Windows 2000 supports all NDIS-compliant protocols with drivers for
the Windows 2000 operating system, including Banyan Vines IP, DECnet,
and others.
Distributed File System (DFS)
Distributed file system (DFS) is a management service for file
shares and directories. DFS enables the administrator to combine
network resource shares into a single namespace called a DFS
volume. Access to DFS volumes requires DFS client computer
software. DFS client computer software is included with Windows NT
4 Workstation and Windows 2000 Professional, and is available for
Windows 95 and Windows 98.
A DFS root is the starting point for the hierarchical structure of
one or more DFS volumes. When a DFS client computer browses or
otherwise attempts to access a particular directory in a DFS tree,
the process is handled with referrals. A referral routes client
computer requests for access to logical DFS locations to a physical
location. A Windows NT Server computer or a Windows 2000 Server
computer running the DFS host service can host one DFS root.
DESIGNING FOR INTERNET CONNECTIVITY
Obtaining the benefits of the Internet requires that you have a
thorough understanding of the technologies and services commonly
used. When implemented, these services need to be connected to the
Internet in a secure manner.
Designing an Internet and Extranet Access Solution
Components of an Internet and extranet access solution include:
O - Proxy servers. A Proxy Server provides a number of services that
can be used to assist in the management of your connection to the
Internet. The Proxy Server acts as a control point between your
private network and the public network. This control point enables
you to isolate the private network from the public one. Proxy Server
is used to block incoming traffic from accessing resources on your
internal network. Rules can be defined that allow or deny access to
specific URLs or protocols. Proxy Server enables these rules to be
applied to users and groups so administrators can create specialized
rules that apply to groups of users in their environments. Proxy
Server also enables you to optimize your connection to the Internet
by caching frequently accessed pages on a local hard drive that can
be accessed internally.
O - Firewalls. A firewall is a combination of hardware and software
that can be used to reduce the risk of unauthorized access to your
network. A firewall can be a packet filtering router, a packet
filtering router combined with a circuit-level gateway, or the
combination of a packet filtering router, circuit-level gateway, and
application gateway. Most often, an effective firewall solution
includes a combination of the three technologies.
O - Routing and Remote Access Service (RRAS). The Routing and Remote
Access Service provides multiprotocol routing support for Windows
2000. Through RRAS you can configure LAN-to-LAN, LAN-to-WAN, virtual
private network (VPN), Network Address Translation (NAT) routing
services, and dialup/virtual private network services.
O - Network Address Translation (NAT). NAT is implemented through the
Routing and Remote Access Service (RRAS). Before you can enable NAT,
you must install RRAS. When the NAT server forwards packets, it
translates the IP address and port values in the request. The
translation data is stored in a database, so return packets can be
mapped back to the original host that made the request.
O - Connection Sharing. The connection sharing service allows a
company to set up a single machine to act as a shared access point
to the Internet. Private clients route requests to the Connection
Sharing server, and the server takes care of translating the private
request into a request that can be passed on to the Internet.
O - Web servers and mail servers. Web servers and mail servers offer
data access services to clients that reside inside the corporate
network and externally. Web servers offer data through the Hypertext
Transfer Protocol (HTTP). Client software called a browser is used
to access data on Web servers using the HTTP protocol. Web servers
that offer data to internal clients form the basis of an intranet.
Internet Information Server (IIS), included with Windows 2000
Server, includes an HTTP and SMTP server component, as well as a
File Transfer Protocol (FTP) server and Network News Transfer
Protocol (NNTP) server.
O - Mail servers. Mail servers facilitate the transfer of electronic
mail to clients internal and external to the corporate network using
the Simple Mail Transfer Protocol (SMTP) or the Post Office Protocol
version 3 (POP3). A POP3 and SMTP server is included with Microsoft
Exchange Server.
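The NAT translation database described under Network Address Translation above, as an added Python model that is not from this guide or from RRAS: an outbound packet gets a public source port and a table entry, the return packet is rewritten back to the private host from that entry, and an inbound packet with no matching entry is dropped, which is what keeps the private network isolated. The addresses and ports are constructed sample values.

```python
class NatTable:
    """Constructed model of a NAT device's translation database.
    outbound_map: (private ip, private port, remote ip, remote port) -> public port
    inbound_map:  (public port, remote ip, remote port) -> (private ip, private port)
    Keying the inbound side on the remote endpoint as well means only the
    host that was actually contacted can reach back through the mapping."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.outbound_map = {}
        self.inbound_map = {}

    def translate_outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the private network. Returns the
        translated (src_ip, src_port, dst_ip, dst_port)."""
        key = (src_ip, src_port, dst_ip, dst_port)
        if key not in self.outbound_map:
            public_port = self.next_port        # fresh public port per session
            self.next_port += 1
            self.outbound_map[key] = public_port
            self.inbound_map[(public_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, self.outbound_map[key], dst_ip, dst_port)

    def translate_inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet arriving from the Internet at the public address.
        Returns the translated packet, or None when no session exists
        (the packet is dropped rather than forwarded inside)."""
        if dst_ip != self.public_ip:
            return None
        private = self.inbound_map.get((dst_port, src_ip, src_port))
        if private is None:
            return None                         # unsolicited inbound: drop
        return (src_ip, src_port, private[0], private[1])


def demo():
    nat = NatTable("203.0.113.5")
    # Two private hosts use the same source port toward the same web server;
    # the NAT keeps them apart by giving each session its own public port.
    out_a = nat.translate_outbound("192.168.0.10", 3333, "198.51.100.80", 80)
    out_b = nat.translate_outbound("192.168.0.11", 3333, "198.51.100.80", 80)
    back_a = nat.translate_inbound("198.51.100.80", 80, "203.0.113.5", out_a[1])
    back_b = nat.translate_inbound("198.51.100.80", 80, "203.0.113.5", out_b[1])
    # A different Internet host probing the same public port gets nothing:
    # the table entry is bound to 198.51.100.80:80, not to the port alone.
    unsolicited = nat.translate_inbound("198.51.100.7", 4444, "203.0.113.5", out_a[1])
    return out_a, out_b, back_a, back_b, unsolicited


if __name__ == "__main__":
    print(demo())
```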
Designing a Load-Balancing Strategy
Network Load Balancing (NLB) is a clustering technology included
with the Microsoft Windows 2000 Advanced Server and Datacenter
Server products. The technology enables a cluster of between 2 and
32 systems to be created. To scale performance, NLB distributes IP
traffic across multiple cluster hosts. It also ensures high
availability by detecting host failures and automatically
redistributing traffic to the remaining hosts in the cluster.
With multiple-host load balancing, incoming client requests are
distributed among all cluster hosts, and a load percentage can be
specified for each host. Load percentages allow hosts with higher
capacity to receive a larger fraction of the total client load.
Single-host load balancing directs all client requests to the host
with the highest handling priority. When a port rule uses
multiple-host load balancing, one of three client affinity modes
must be selected. When no affinity mode is selected, NLB balances
the client traffic load from one IP address and different source
ports across multiple cluster hosts. To assist in managing client
sessions, the default single-client affinity mode directs all
network traffic load from a given client's IP address to a single
cluster host. By default, NLB is configured with a single port rule
that covers all ports (0-65,535) with multiple-host load balancing
and single-client affinity.
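The port-rule behaviour above, as an added Python model that is not Microsoft's NLB algorithm: every host applies the same deterministic hash to the client IP (single affinity), to the IP plus source port (no affinity) or to the IP's first three octets (the third mode, Class C affinity), maps the result onto the configured load percentages, and a single-host rule goes to the live host with the highest handling priority; a failed host simply drops out of the next decision. Host names, percentages and client addresses are constructed.

```python
import zlib


class NlbCluster:
    """Constructed model of NLB port-rule distribution. Every host sees every
    packet and runs the same hash, so the hosts agree on an owner without
    exchanging per-packet messages."""

    def __init__(self, hosts):
        # hosts: {name: {"load": percent, "priority": int}}; priority 1 is highest
        self.hosts = dict(hosts)
        self.failed = set()

    def fail(self, name):
        self.failed.add(name)              # heartbeat loss: survivors reconverge

    def _live(self):
        return sorted(h for h in self.hosts if h not in self.failed)

    def owner(self, client_ip, client_port, affinity="single"):
        """Multiple-host rule: choose the host for one client packet.
        affinity='none'   -> hash on (IP, port): one client's connections spread
        affinity='single' -> hash on IP: one client always lands on one host
        affinity='classc' -> hash on the /24: clients behind one proxy range stick"""
        live = self._live()
        if not live:
            return None
        if affinity == "none":
            key = "%s:%d" % (client_ip, client_port)
        elif affinity == "classc":
            key = ".".join(client_ip.split(".")[:3])
        else:
            key = client_ip
        bucket = zlib.crc32(key.encode()) % 100      # 0..99
        # Walk cumulative load percentages, renormalised over surviving hosts.
        total = sum(self.hosts[n]["load"] for n in live)
        edge = 0
        for name in live:
            edge += self.hosts[name]["load"] * 100 // total
            if bucket < edge:
                return name
        return live[-1]                              # rounding remainder

    def single_host_owner(self):
        """Single-host rule: all traffic to the live host with the highest
        handling priority (lowest priority number)."""
        live = self._live()
        return min(live, key=lambda n: self.hosts[n]["priority"]) if live else None


def demo():
    cluster = NlbCluster({
        "NLB1": {"load": 50, "priority": 1},
        "NLB2": {"load": 25, "priority": 2},
        "NLB3": {"load": 25, "priority": 3},
    })
    client = "10.1.1.7"
    # single affinity: the same client IP maps to one host regardless of port
    single = {cluster.owner(client, port, "single") for port in (1025, 2048, 4097)}
    # no affinity: different source ports from one client land on several hosts
    none = {cluster.owner(client, port, "none") for port in range(1025, 1125)}
    # class C affinity: two clients in the same /24 map to the same host
    classc_same = (cluster.owner("10.1.1.7", 5000, "classc")
                   == cluster.owner("10.1.1.200", 6000, "classc"))
    primary = cluster.single_host_owner()
    cluster.fail(primary)
    after_failover = cluster.single_host_owner()
    return len(single), len(none) > 1, classc_same, primary, after_failover


if __name__ == "__main__":
    print(demo())
```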
DESIGNING A WIDE AREA NETWORK INFRASTRUCTURE
Beyond the considerations of the LAN network infrastructure, you
must also consider connecting the individual LANs to form a WAN. WAN
technologies and strategies differ from those of LANs. In
configuring and designing a WAN, you need to develop a routing
strategy to ensure access to all the sites that make up the WAN.
Though not directly part of designing a WAN, connections for dial-in
users and virtual private networks (VPNs) also need to be designed
to satisfy requirements for users who work away from the office, as
well as branch office connections.
Designing an
Implementation Strategy for Dialup Remote Access
In order for users to access the corporate network from remote
locations, one connectivity option is a dialup connection to a
Remote Access Server (RAS). This enables a remote user to connect to
the network using a modem and ordinary telephone line. Here are some
issues that you must resolve if you incorporate this type of dialup
strategy into your network infrastructure design
O - Client IP address assignment.
Clients are assigned an IP address when they connect to the RRAS
server, via DHCP or from a static pool of addresses
O - Client name registration.
Name registration is the method used by clients to register their
computer names on the network: dynamically in DNS (DDNS) or WINS, or
by the DHCP server registering DNS records on the client's behalf
O - Name resolution.
Name resolution is the method used by clients to resolve the names
of hosts they want to connect to, either by DNS or WINS
O - User authentication.
Will users be authenticated by Windows authentication (against the
RRAS server's local account database or a domain controller) or by a
RADIUS server, and which authentication protocols (PAP, CHAP,
MS-CHAP, MS-CHAP v2, EAP) will the server accept?
O - Cost of long distance calls.
Should you configure callback, so that the RRAS server hangs up and
returns the call at the company's expense (callback to a fixed number
set by the administrator also limits where a user can dial in from),
or replace long distance dialup with a VPN connection through the
Internet?
Designing a Virtual Private Network (VPN) Strategy
Another alternative that provides remote users connectivity to the
corporate network is a virtual private network (VPN), which provides
secure access to remote users across the Internet
Security is provided by encapsulating all transmissions across the
Internet link within an authenticated, encrypted tunnel. Windows 2000
supports the Point-to-Point Tunneling Protocol (PPTP) and the Layer 2
Tunneling Protocol (L2TP). PPTP encrypts the tunnel with Microsoft
Point-to-Point Encryption (MPPE), whose keys are derived from the
user's MS-CHAP password authentication. L2TP by itself provides no
encryption; in Windows 2000 it is combined with Internet Protocol
Security (IPSec), which authenticates both ends with computer
certificates and encrypts the tunnel across the Internet. Where the
clients support it, L2TP/IPSec is the stronger choice, but it requires
a computer certificate on the server and on every client
Using a Routing and Remote Access Service (RRAS) Routing Solution to Connect
The Routing and Remote Access Service (RRAS) provides multiprotocol
routing support for Windows 2000. You can configure LAN-to-LAN,
LAN-to-WAN, virtual private network (VPN), Network Address
Translation (NAT) routing services, and dialup/virtual private
network services
When using RRAS to provide LAN-to-LAN or LAN-to-WAN routing services
using the TCP/IP protocol, two dynamic routing protocols are supported:
Routing Information Protocol (RIP, versions 1 and 2) and Open Shortest
Path First (OSPF). On a RIP-enabled network, routers keep their
routing tables updated by exchanging them with neighboring routers:
approximately every 30 seconds each RIP router announces its list of
reachable networks and the hop count to each (RIP v1 broadcasts the
announcement, RIP v2 can multicast it). The drawbacks of RIP are the
bandwidth consumed by the periodic announcements, slow convergence
after a topology change, and a maximum path length of 15 hops (a
metric of 16 means unreachable). OSPF works best on large networks.
Its two main features are that routing updates are sent only when a
router detects a change (every router holds a copy of the link-state
database describing the area) and that each router computes its
routes from that database with a shortest-path tree. With either
protocol a router accepts announcements from any neighbor unless you
enable the neighbor authentication the protocol offers, so configure
it on every interface where a rogue or misconfigured router could
otherwise inject routes
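The difference between the two approaches is easier to see in code than in prose. The following is an added example, not part of the study guide and not the RRAS implementation of either protocol: a synchronous distance-vector model of RIP, with its 15-hop limit and one round per announcement interval, next to a Dijkstra shortest-path computation standing in for OSPF. The topologies and router names (R1, R2, ...) are constructed for the illustration, and every link is given cost 1 so OSPF costs compare directly with RIP hop counts.

```python
"""Added illustration of RIP-style distance-vector convergence versus an OSPF-style
shortest-path tree. Topology and router names are constructed; this is a teaching model,
not the RRAS implementation of either protocol."""
import heapq

RIP_INFINITY = 16  # RIP metric 16 means unreachable, so a path may be at most 15 hops


def adjacency(links):
    """Undirected adjacency map from a list of (router, router) links, cost 1 each."""
    adj = {}
    for a, b in links:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def rip_converge(links, max_rounds=100):
    """Synchronous distance-vector model.

    Each round stands for one RIP announcement interval (about 30 s): every router
    advertises its whole table to its neighbours, and a neighbour adopts a route when the
    advertised hop count plus one beats what it already has. Returns (tables, rounds),
    where tables[router][dest] == (hops, next_hop) and rounds is how many announcement
    intervals passed before no table changed.
    """
    adj = adjacency(links)
    tables = {r: {r: (0, r)} for r in adj}
    for rnd in range(1, max_rounds + 1):
        adverts = {r: dict(t) for r, t in tables.items()}   # what each router sends this round
        changed = False
        for r in adj:
            for neighbour in sorted(adj[r]):
                for dest, (hops, _) in adverts[neighbour].items():
                    metric = hops + 1
                    if metric >= RIP_INFINITY:          # too far: RIP cannot carry the route
                        continue
                    if dest not in tables[r] or metric < tables[r][dest][0]:
                        tables[r][dest] = (metric, neighbour)
                        changed = True
        if not changed:
            return tables, rnd - 1
    raise RuntimeError("distance-vector tables did not converge")


def ospf_spf(links, root):
    """Link-state model: the router knows the whole topology and runs Dijkstra from itself.

    Returns {dest: (cost, next_hop)}. Cost is 1 per link so it compares with RIP hop counts;
    real OSPF uses configured interface costs. No hop limit applies.
    """
    adj = adjacency(links)
    dist = {root: 0}
    first_hop = {root: root}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue                       # stale heap entry
        for v in sorted(adj[u]):
            if d + 1 < dist.get(v, float("inf")):
                dist[v] = d + 1
                first_hop[v] = v if u == root else first_hop[u]
                heapq.heappush(heap, (d + 1, v))
    return {dest: (dist[dest], first_hop[dest]) for dest in dist}


# Constructed topologies: a five-router ring with one extra link, and an 18-router chain.
RING_WITH_CHORD = [("R1", "R2"), ("R2", "R3"), ("R3", "R4"), ("R4", "R5"),
                   ("R5", "R1"), ("R2", "R5")]
LONG_CHAIN = [(f"R{i}", f"R{i + 1}") for i in range(1, 18)]   # R18 is 17 hops from R1


if __name__ == "__main__":
    tables, rounds = rip_converge(RING_WITH_CHORD)
    print(f"RIP converged after {rounds} announcement intervals (~{rounds * 30} s worst case)")
    print("RIP  R1:", tables["R1"])
    print("OSPF R1:", ospf_spf(RING_WITH_CHORD, "R1"))
    far, _ = rip_converge(LONG_CHAIN)
    print("RIP  R1 knows R18:", "R18" in far["R1"],
          "| OSPF cost to R18:", ospf_spf(LONG_CHAIN, "R1")["R18"][0])
```

On the chain, RIP at R1 never learns R17 or R18 because the metric would reach 16, while the shortest-path computation returns them at cost 16 and 17; on the ring both methods agree on every hop count, but RIP needs two announcement intervals to get there, which is the convergence delay the text refers to. Note that the model accepts whatever a neighbour advertises, which is exactly why the authentication each protocol offers matters on a real network.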
DESIGNING MANAGEMENT AND IMPLEMENTATION
The last step in your network infrastructure design project is to
create a strategy for implementing and managing your design
recommendations. A fully detailed implementation plan is probably
the responsibility of the deployment team, but a well-developed
deployment strategy can give the team some direction from the start
After the design has been implemented, it
needs to be managed and supported. Because the network
infrastructure is new, the team needs to become acquainted with the
design before being able to do its job effectively. There are
essentially four main steps to managing a network
1. Identify what to manage.
In general terms, this means that you must first decide what you
need to manage and what you do not need to manage
2. Monitor the network.
This involves using the Performance tool and the Network Monitor,
among others, to gather information about the status of the systems
that make up the network and about the physical network
3. Analyze the information.
You will gather a significant amount of data as you monitor an
entire network. It is important that you analyze the data in real
time. You should be able to recognize a problem before it becomes
critical
4. Respond to issues.
The point of monitoring is to detect problems and to be able to
respond to them. This means you should know what you need to do to
resolve each crisis that could arise
Designing a Strategy for Monitoring and Managing Windows 2000 Network Services
You need to devise a strategy for monitoring the key Windows 2000
services that are offered on the network infrastructure. The
services need to be monitored for both availability and performance.
Each service on the network needs to be managed to ensure that it is
operating at peak efficiency. Some of the Windows 2000 network
services that you want to monitor and manage include
O - Global Catalog servers.
The central repository containing a subset of the attributes of all
objects in Active Directory, the Global Catalog is populated by Active
Directory replication, which uses RPC over IP within a site and either
RPC over IP or SMTP between sites
O - Lightweight Directory Access Protocol (LDAP).
LDAP is the protocol used to search Active Directory (TCP port 389)
and the Global Catalog (TCP port 3268)
O - Certificate Services.
Certificate Services is a component of Windows 2000 enabling you to
issue X.509 certificates that can be used by the Encrypting File
System (EFS), IIS (SSL), L2TP/IPSec computer authentication, and other
Windows 2000 services
O - Proxy Server.
Microsoft Proxy Server is a separate Microsoft product providing
caching, filtering, and other services to optimize Internet access
O - Domain Name System (DNS) Servers.
DNS is used by Active Directory, through SRV records, to tell clients
which services can be found on which machine. It is also used by
clients to resolve hostnames to IP addresses, and the DHCP server can
register and remove a client's hostname and IP address in DNS when a
lease is issued or expires
O - Dynamic Host Configuration Protocol (DHCP).
DHCP provides for the automatic assignment of IP addresses and other
settings to computers on the network. Remote Installation Services
(RIS) also depends on it: a PXE client obtains its IP address from
DHCP during boot and is then directed to a RIS server
O - Routing and Remote Access Service (RRAS).
RRAS provides dialup remote access services, virtual private network
(VPN) services, and Network Address Translation (NAT) services. This
enables clients to access the network using the Public Switched
Telephone Network (PSTN) and analog modems, ISDN, or the Internet.
It also provides Internet connection sharing by translating internal
IP addresses to a single external address through NAT
O - Windows Internet Naming System (WINS).
WINS resolves NetBIOS computer names to IP addresses. This enables
clients requiring NetBIOS naming to be able to connect to the right
computer
O - Distributed File System (DFS).
DFS enables clients to find network shares more easily by providing
a central access point with information on the physical location of
many shares
Clients connect to the DFS root and then are
redirected to the appropriate host instead of remembering the names
of all hosts and which shares exist on them. With Windows 2000
Active Directory, DFS can also provide for fault tolerance and
replication of data in shares
There are many tools available for monitoring
and managing network services. Many of them come in the form of a
Microsoft Management Console (MMC) snap-in. The available tools
include the following
O - Performance logs and alerts.
Performance Logs and Alerts is the companion to System Monitor in the
Performance console. It records counter data to log files and lets you
configure alerts that fire whenever a performance counter crosses a
threshold you set. An alert can take an action (run a program, start
a counter log), send a network message, or both
O - Service Monitor events.
The service recovery features built into the Windows 2000 Service
Control Manager monitor the services it starts. On the Recovery tab of
a service's properties you can have a failure restart the service, run
a program (for example, to send a notification of the failure), or
restart the computer
O - Simple Network Management Protocol (SNMP).
The SNMP agent service on Windows 2000 uses Management Information
Bases (MIBs) to access and report the status of various parts of the
operating system. The agent answers queries from a third-party
management station and sends traps to it. A trap is an unsolicited
notification the agent sends when a significant event occurs. Because
SNMP v1 and v2c authenticate only with a clear-text community name,
use a non-obvious community name, give it read-only rights, and
configure the agent to accept packets only from the management
station's addresses
O - Event logs.
The Event Log Service can provide you with a great deal of
information for troubleshooting a problem. The logs can also be used
to calculate uptime for various services and to capture problems
that happened. They report five types of events: Information,
Warning, Error, Success Audit, and Failure Audit. In Windows 2000
there are six main event logs, each of which provides different
information:
O - Application log
- Any application written to Microsoft standards can record
information in the Application log
O - Security log
- Events that deal with the security of the system, such as logon
attempts and object access, are tracked in this log. Entries appear
only for the categories enabled in the Audit Policy; Windows 2000
audits nothing by default
O - System log
- Device drivers, services, and other system components record their
errors in the System log
O - Directory service
- This log tracks events that relate to the Active Directory database
and its replication
O - DNS server
- This log tracks events that affect the DNS server
O - File replication service
- This log tracks the File Replication Service, which replicates the
contents of SYSVOL between domain controllers
O - Network Monitor.
The Network Monitor is used to capture the traffic that is received
or sent from a single computer. This enables you to actually see
what packets are being generated from the services on a system and
to monitor or troubleshoot problems on the network
O - Command-line utilities.
Windows 2000 provides a number of command-line utilities that can be
integrated into a script or called using the Task Scheduler to
verify network performance. Some of the most commonly used utilities
are
O - Netdiag
- This utility performs a series of tests to isolate networking and
connectivity problems. It can also determine the functional state of
your network client
O - Ping
- This utility troubleshoots IP connectivity
O - Tracert
- This utility displays a list of routers along the path between a
source host and a destination
O - Pathping
- This utility is a combination of Ping and Tracert. Over a period
of time, Pathping sends packets to each router on the path to a
final destination, and then computes results based on the packets
returned from each hop. Pathping shows the degree of packet loss at
any given router or link, so you can pinpoint which routers or links
might be causing network problems
O - Nslookup
- This utility troubleshoots DNS problems
O - Netstat
- This utility displays protocol statistics and current TCP/IP
connections for each network interface in a computer
O - Nbtstat
- This utility displays protocol statistics and current TCP/IP
connections that use NetBIOS over TCP/IP (NetBT). It can also be
used to verify the NetBIOS name cache
O - Scripting and programming solutions.
Windows Script Host (WSH) is a utility available for Windows 2000
that dramatically increases an administrator's ability to create
scripts that perform monitoring or other administrative tasks. The
scripting host runs scripts written in VBScript or JScript, and other
languages such as Perl can be added through third-party script engines
O - Windows Management Instrumentation (WMI).
WMI provides a single point of integration through which you can
access status information from many sources within a computer. WMI is
a service that is started by default on Windows 2000-based computers
and is also available on Windows 95- and Windows 98-based computers
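The command-line utilities listed above earn their place in a monitoring strategy when a script collects their output and compares it with what the design says a server should be doing. The following is an added example, not from the study guide: it parses `netstat -an` output in the Windows layout and reports listeners that the design did not call for, as well as expected services that are not listening. The sample output, the addresses and ports in it, and the DNS/DHCP baseline set are constructed for the illustration.

```python
"""Added example: checking `netstat -an` output against a listener baseline.

The output below is constructed in the Windows netstat layout for a server that is meant to
run only DNS and DHCP; addresses, ports and the baseline are made up for the illustration.
"""
import re

SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8001           0.0.0.0:0              LISTENING
  TCP    10.0.0.5:139           0.0.0.0:0              LISTENING
  TCP    10.0.0.5:53            10.0.0.77:1068         ESTABLISHED
  TCP    10.0.0.5:445           10.0.0.23:1045         ESTABLISHED
  UDP    0.0.0.0:53             *:*
  UDP    0.0.0.0:67             *:*
  UDP    0.0.0.0:5555           *:*
"""

# One netstat row: protocol, local ip:port, foreign address, optional state (UDP has none).
ROW_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+([A-Z_]+))?\s*$")

# What a DNS + DHCP server is expected to have open (constructed baseline; the ports are
# the standard ones: DNS 53/tcp+udp, DHCP 67/udp, RPC endpoint mapper 135, SMB 139 and 445).
DNS_DHCP_BASELINE = {("TCP", 53), ("UDP", 53), ("UDP", 67),
                     ("TCP", 135), ("TCP", 139), ("TCP", 445)}


def parse_netstat(text):
    """Return a list of (proto, local_ip, local_port, foreign, state) from netstat -an text."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line)
        if m:
            proto, ip, port, foreign, state = m.groups()
            rows.append((proto, ip, int(port), foreign, state or ""))
    return rows


def listeners(rows):
    """Endpoints accepting traffic: TCP sockets in LISTENING state and every bound UDP socket."""
    return {(proto, port) for proto, _ip, port, _foreign, state in rows
            if proto == "UDP" or state == "LISTENING"}


def unexpected_listeners(rows, baseline=DNS_DHCP_BASELINE):
    """Listeners present on the host that the design did not call for, sorted for reporting."""
    return sorted(listeners(rows) - baseline)


def missing_listeners(rows, baseline=DNS_DHCP_BASELINE):
    """Baseline services that are not listening: the availability half of the same check."""
    return sorted(baseline - listeners(rows))


if __name__ == "__main__":
    parsed = parse_netstat(SAMPLE_NETSTAT)
    print("unexpected:", unexpected_listeners(parsed))
    print("missing:   ", missing_listeners(parsed))
```

Run from the Task Scheduler with the live `netstat -an` output piped in, the same two functions give both halves of the check the text asks for: an unexpected listener is a security finding, a missing one is an availability finding. Established connections are deliberately ignored, because their local ports reflect the services already in the baseline.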
Analyzing the Information
In most cases, after you collect the data that you want to use to
manage your network, the next item on the agenda is to analyze the
data. This can be done in a number of ways depending on the type of
data that you are looking at and what you are trying to find in the
data. The following are some of the common methods
O - Manual inspection.
In cases where you manually inspect data, there should be little
data and the source of the data and response to conditions should be
documented
O - Spreadsheets.
These can be used when you are looking for fluctuations or for trends
O - Databases.
As with using spreadsheets, this method is useful if you are looking
for trends or if you are seeking an anomaly in a large data sample
O - Programmed solutions.
In cases where you are looking for a specific type of change in
service or you need to ensure that there will be a response
regardless of the time that the change in service took place, you
can use a programmatic solution. This includes third-party software
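The event-log and programmed-solution items above meet in code like the following, an added example that is not part of the study guide. It parses a comma-delimited export of the Security log and picks out what a reviewer would otherwise look for by hand: bursts of Failure Audits against one account, a successful logon that follows a run of failures, and anyone clearing the log. The export lines, their column order and the descriptions are constructed for the example; the event IDs used (528 successful logon, 529 logon failure, 517 audit log cleared) are the Windows 2000 Security log IDs for those events.

```python
"""Added example: a programmed analysis of an exported Security log.

The lines below are a constructed comma-delimited export (column order and descriptions are
made up for the example; 528/529/517 are the Windows 2000 event IDs for a successful logon,
a failed logon and the audit log being cleared).
"""
import csv
import io
import re
from collections import defaultdict
from datetime import datetime, timedelta

SAMPLE_EXPORT = r"""Date,Time,Source,Type,Category,Event,User,Computer,Description
03/14/2001,09:02:11,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:02:19,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:02:27,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:02:35,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:02:44,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:03:02,Security,Success Audit,Logon/Logoff,528,CORP\jsmith,DC1,"Successful Logon: User Name: jsmith Domain: CORP Logon Type: 2 Workstation Name: WS07"
03/14/2001,09:15:40,Security,Failure Audit,Logon/Logoff,529,NT AUTHORITY\SYSTEM,DC1,"Logon Failure: Reason: Unknown user name or bad password User Name: adoe Domain: CORP Logon Type: 2 Workstation Name: WS12"
03/14/2001,11:40:05,Security,Success Audit,System Event,517,CORP\Administrator,DC1,"The audit log was cleared Primary User Name: Administrator Primary Domain: CORP"
"""

USER_RE = re.compile(r"User Name:\s*(\S+)")


def parse_export(text):
    """Parse the export into dicts, adding a datetime under 'when' and an int 'Event'."""
    records = []
    for row in csv.DictReader(io.StringIO(text.strip())):
        row["when"] = datetime.strptime(f"{row['Date']} {row['Time']}", "%m/%d/%Y %H:%M:%S")
        row["Event"] = int(row["Event"])
        records.append(row)
    return sorted(records, key=lambda r: r["when"])


def target_account(record):
    """Account named in the description; logon failures are logged under SYSTEM, not the user."""
    m = USER_RE.search(record["Description"])
    return m.group(1) if m else record["User"]


def logon_failure_bursts(records, threshold=5, window=timedelta(minutes=10)):
    """Accounts with >= threshold 529 Failure Audits inside any sliding window -> {account: peak}."""
    times = defaultdict(list)
    for r in records:
        if r["Type"] == "Failure Audit" and r["Event"] == 529:
            times[target_account(r)].append(r["when"])
    flagged = {}
    for account, ts in times.items():
        start, peak = 0, 0
        for end in range(len(ts)):                # ts is already chronological
            while ts[end] - ts[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            flagged[account] = peak
    return flagged


def success_after_failures(records, min_failures=3):
    """Accounts whose 528 Success Audit comes right after a run of 529s: a guessed password."""
    run = defaultdict(int)
    hits = set()
    for r in records:
        account = target_account(r)
        if r["Event"] == 529 and r["Type"] == "Failure Audit":
            run[account] += 1
        elif r["Event"] == 528 and r["Type"] == "Success Audit":
            if run[account] >= min_failures:
                hits.add(account)
            run[account] = 0
    return hits


def audit_log_cleared(records):
    """Event 517 means the Security log was cleared; return (when, who) for each occurrence."""
    return [(r["when"], r["User"]) for r in records if r["Event"] == 517]


if __name__ == "__main__":
    recs = parse_export(SAMPLE_EXPORT)
    print("bursts:", logon_failure_bursts(recs))
    print("success after failures:", success_after_failures(recs))
    print("log cleared:", audit_log_cleared(recs))
```

Two details matter for anything built along these lines: logon failures are recorded under the SYSTEM account, so the target account has to be taken from the description, and a run of failures followed by a success is a stronger signal than the failures alone. Event 517 belongs in every such report because it is the one event that survives when the rest of the log has been emptied.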
Responding to Issues
After you have analyzed the information, you need to establish a
plan to respond to any issues that arise. You can respond in one of
two ways
1. Reactive response.
When responding reactively to information that you have obtained,
you are essentially trying to fix a situation that has already taken
place, such as the failure of a critical network component
2. Proactive response.
Proactive response is the correction of a potential problem before
it takes place. With proper analysis of logs, you can track the use
of network components and determine when a problem might occur
Designing Network Services for Application Architecture
When you deploy network services across an enterprise, you need to
ensure that each service performs a function that supports the
application software in use by the enterprise. The application
software that an organization chooses to use serves the purpose of
enabling the company employees to perform their day-to-day tasks.
The network services deployed by the enterprise should serve to
support the requirements of each of the applications that are used.
This is the main function of the network infrastructure
Combining Networking Services
By combining multiple networking services on a single computer you
simplify the network and use hardware resources more efficiently.
You can combine services onto a single system as long as you bear
the following points in mind
· Combining the services must meet the design
criteria for security, availability, and performance on the network
· The computer hardware resources such as
RAM, CPU, disk, and network can support the combined services
· The goal is to reduce the number of
computers that must be managed
There are also times when you combine services for other reasons,
such as security, availability, or performance, including the
following cases
O - Security.
When using remote access or a screened subnet, you can isolate the
networking services that manage confidential data on a single server
O - Availability.
By placing the same combination of services on more than one server,
you reduce the probability that a single failure results in the loss
of the service overall
O - Performance.
Where two services work closely together, such as the Global Catalog
and a Domain DFS root, you can reduce the network traffic or
optimize the computer resources that are underused by combining the
services on a single system
Another method to ensure proper use of resources is to run services
on a Windows 2000 cluster. The Cluster service in Windows 2000
Advanced Server and Datacenter Server provides automatic failover of
a service from a failed node to a surviving one, while Network Load
Balancing (described earlier) spreads client load across hosts. SQL
Server, Exchange, and services such as WINS or DNS can be configured
to run on a cluster so that the loss of one node does not take the
service down
Designing a Plan for the Interaction of Different Network Services
Windows 2000 network services offer the essential services that
provide the basic foundation of the Windows 2000 network
infrastructure, but these services do not function completely
independently. Several of the basic services found in a Windows 2000
network infrastructure rely on the presence and performance of other
services. Planning the implementation of a particular service often
involves planning the configuration and implementation of a number
of other services
The resource requirements of the various key
Windows 2000 services are outlined in the table below. You should
not combine services with high-resource requirements on the same
server, but many services with low-resource requirements may be
combined, providing memory, processor, network, and disk resources
are available
| Networking Service            | Processor | Memory | Disk | Network |
|-------------------------------|-----------|--------|------|---------|
| DHCP                          | High      | Low    | High | Low     |
| DHCP Relay Agent              | Medium    | Low    | None | Medium  |
| DNS                           | Medium    | Low    | High | Low     |
| WINS                          | Low       | Low    | High | Medium  |
| WINS Proxy                    | Low       | Low    | None | Low     |
| RRAS as a NAT server          | High      | High   | None | High    |
| Microsoft Proxy Server        | High      | High   | High | High    |
| RRAS as a router              | Medium    | High   | None | High    |
| IAS as a RADIUS server        | Medium    | High   | None | Low     |
| IPSec                         | High      | Low    | None | Low     |
| VPN tunneling with encryption | High      | Low    | None | Low     |
Designing a Resource Strategy
When developing your implementation and management strategies, you
want to examine the resources that will reside in the network
infrastructure you have created. After you have enumerated them and
have an understanding of the requirements for implementing and
managing them, you want to do the following
Plan for the placement and management of resources.
Care should be taken when deciding where to place each of the
resources on the network. Network design requires that location
consider the bandwidth requirements for each resource and which
users will be making use of the resource in question. Then, you need
to ensure that the resource is not going to use bandwidth in other
parts of the network in order to satisfy user requests. Properly
placing the resource in the correct physical location that allows
minimal use of bandwidth is the goal
Plan for growth
One of the most important aspects of an effective network design is
scalability
Make sure that your plan takes into account
the company's anticipated growth and growth strategy so that your
design can scale accordingly
Plan for decentralized or centralized resources.
When you understand the geographical and political organization of a
company, you can determine whether network resources will be
centralized or decentralized. However, placing resources in a
physically different location from the centralized management team may
be the right choice to minimize network bandwidth utilization, while
still allowing a centralized management model. It is not necessary to
adopt a decentralized management model when resources are in many
locations, nor is it necessary to have a centralized model when
resources are in a single location. The physical placement of
computers will not change the management style of the organization