Monitoring a Windows Server Network
There are three tools to help you proactively monitor and troubleshoot networks issues. Reliability and Performance Monitor, Windows 2008 Event Viewer and Network monitor.
Reliability and Performance Monitor in Windows Server 2008 allows you to collect real-time information. This information can be viewed in a number of different formats that include charts, graphs, and histograms. It uses performance objects, or categories, and performance counters to organize performance information. It collects the following three types of information on Windows 2008 Server:
• Performance counters are the specific processes and events you want to monitor. As you add roles and services performance monitors are exposed for these new roles and services.
• Event Trace data is data collected over time to provide a real-time view into the behavior and performance of the server operating systems and any applications it is running.
• Configuration Information is available via queries to the registry from the Reliability and performance Monitor.
The follow are the three views you can choose:
• Resource View is the default view and gives you a quick overview of the four major performance components of a server: CPU, Disk, and Network & Memory.
• Performance Monitor is the view that provides a visual display of performance counters, in real-time or historical.
• Reliability Monitor is the view providing information about system events that can affect a server’s stability, including software un-install or install, as well application, OS, or hardware failures.
Performance Monitor is probably the most viewed and can be opened easily form the start menu and key perfom.exe. You can add performance counters however the following are what is installed by default:
• Browser
o Announcements Domains/sec - the rate at which a domain has announced itself to the network.
o Election Packet/sec – the rate at which browser election packets have been received by the local computer.
• Memory
o Available bytes - the amount of physical memory available for allocation to a particular process.
o Committed bytes – the amount of committed virtual memory.
• Processor
o % Processor Time – the amount of time the processor spends executing a non-idle thread.
Data Collector Sets were introduced into Windows 2008 server. Rather than manually adding individual performance counters anytime you want to monitor on a 2008 server, Data Collector Sites allow you to organize a set of performance counters, event traces and system configuration data in a single “object” that you can reuse on one or more servers. The following are the three built-in Data Collector Sets: LAN Diagnostics, System Diagnostics and System performance.
Securing Access to Performance Data Windows server 2008 includes a number of built-in group objects that grant limited access to performance data. These are User Group, Performance monitor Users, and Performance Log User.
Windows Event Viewer to monitor the health of Windows Server 2008, you can examine the Window Event Viewer to obtain information. By default, it logs informational events such as service start and stop messages, errors, and warnings. Additional diagnostic logging can be achieved by modifying the registry. When using the event viewer you will see the following items:
Custom views is a “New” feature of Windows in Server 2008 giving you the ability to setup views that will only give you information such as Critical errors
Windows logs Traditional View which includes Application, Security, System logs along Setup log and Forward Events, which both are “New” in Server 2008.
Applications and Services provide various collections of Event viewer entries associated with server hardware, Internet Explorer, and other windows components.
Windows Event Collector Service is also another “New” feature in windows server 2008. It allows you to configure a single server as a repository of events from multiple computes. It creates and manages subscriptions from one or more remote computers. It then uses the WS-Management protocol to communicate for communication with the remote subscribers. Subscriptions are either setup as collector or source computer initiated.
Network Monitor (Gathering Network Data) server 2008 does not include a built-in network monitoring however Microsoft has a free download available. This version is a powerful tool however, there is a more powerful tool available SCOM (Server Center Operations Manager) which can not only capture traffic sent to it from its own interface it but it can also run in promiscuous mode and capture 100 percent of the network traffic available to the network interface. It also gives you central managing point where you can see other instances where network monitoring.
Windows Server Update Services (WUSU) is a tool used to manage and distribute software updates that fix known security vulnerabilities or otherwise improve the performance of Microsoft operating systems. Updates can include items such as security fixes, critical updates, and critical drivers. The following are the categories for the windows operating system: Critical updates, Recommended down loads, Windows tools, Internet and Multimedia updates, Additional Windows downloads, Multilanguage features and Documentation.
WSUS has three main components:
• A content synchronization service
• An internal Windows Update server
• Automatic Updates on computers (desktops or servers)
WSUS server performs two primary functions:
• Synchronizing content with the public Windows Update site.
• Approving content for distribution to your organization.
Windows Updates and Automatic Updates are two separate components designed to work together to keep Windows operating system updated and secure. Windows Update is a Microsoft Web site that works with Automatic Updates to provide timely, critical and noncritical system updates. Automatic Updates enables you to automatically interact with the Windows Update Web site.
WSUS Software and Hardware requirements
• A server running the IIS(Internet Information Service) server role including the following components:
o Windows Authentication
o ASP.NET
o 6.0 Management Compatibility
o IIS Metabase Compatibility
• Microsoft Report Viewer Redistributable 2005
• Microsoft SQL Server 2005 Service Pack 1
• A minimum of 1 GB free Space on the system partition
• 20 GB Minimum space on a volume used to store downloaded content.
• 2 GB Free Space on the volume where WSUS stores the Windows Internal Database.
WSUS server management includes reviewing and changing configuration options, automatically or manually synchronizing the server, viewing update status, and backing up and restoring the server.
WSUS Clients you can configure Automatic Updates through the Automatic Updates configuration page, Group Policy, and by configuring registry entries.
No comments:
Post a Comment