lesson08

advertisement
Maintaining and Updating
Windows Server 2008
Lesson 8
Skills Matrix
Technology Skill
Objective Domain
Objective #
Configuring Windows Server
Update Services (WSUS)
Configure Windows Server
Update Services (WSUS)
server settings
5.1
Using the Performance
Monitor
Capture performance data
5.2
Using the Windows Event
Viewer
Monitor event logs
5.3
Using Network Monitor to
Gather Network Data
Gather network data
5.4
Monitoring a Windows Server 2008
• There are two approaches to maintaining
your network: the reactive approach and the
proactive approach.
• After implementation of your network design
is complete and you have verified that your
network works properly, the reactive
approach means that you will “wait and see”
what problems arise.
Monitoring a Windows Server 2008
• A proactive approach doesn’t wait for problems to
arise.
– A proactive approach to network management is
preventative and uses tools such as the Performance
and Reliability Monitor, the Event Viewer, and Network
Monitor utilities.
– Proactive system administrators use these tools to
help spot potential and actual networking issues
without wasting time guessing what the problems
might be because they lack historical data.
– They do this by systematically monitoring, logging, and
analyzing the network’s data.
Reliability and Performance Monitor
• Located within the Administrative Tools
folder.
• Allows you to collect real-time information on
your local computer or from a specific
computer to which you have permissions.
• This information can be viewed in a number
of different formats that include line charts
and histograms.
Reliability and Performance Monitor
Reliability and Performance Monitor
Performance Monitor
• Probably the most frequently used view within the
Reliability and Performance Monitor is the
Performance Monitor.
• One of the simplest methods is to open the Start
menu, key perfmon.exe, and then click OK.
• Performance Monitor provides detailed information
necessary for in-depth analysis, logging
capabilities, and alerts, which are useful for early
warnings of possible system issues.
Performance Monitor
Data Collector Sets
• One of the significant changes introduced in Windows
Server 2008 performance monitoring is the Data Collector
Set.
• Rather than manually adding individual performance
counters anytime you want to monitor performance on a
2008 server, Data Collector Sets allow you to organize a set
of performance counters, event traces, and system
configuration data into a single “object” that you can reuse
on one or more Windows Server 2008 servers.
• You can view the counters associated with Data Collector
Sets in Performance Monitor view, use them to generate
alert actions when particular performance thresholds are
reached, and integrate them with the Windows Task
Scheduler to collect performance data at specific times.
Data Collector Sets
• There are three built-in Data Collector Sets
within Windows Server 2008 — LAN
Diagnostics, System Diagnostics, and
System Performance — or you can create
your own custom sets.
• You also have the ability to create Data
Collector Set templates that are based on
the XML file format, thus allowing you to
distribute templates across multiple servers
for use by other administrators.
Data Collector Sets
Data Collector Sets
Data Collector Sets
Data Collector Sets
Securing Access to Performance Data
• A common request from network
administrators in previous versions of
Windows is the ability to delegate access to
performance data without allowing full
administrative rights to a particular server.
• To this end, Windows Server 2008 includes
a number of built-in group objects that grant
limited access to performance data.
Securing Access to Performance Data
• Members of the Performance Monitor Users
group, by default, are delegated the
following additional abilities to view
performance data:
– Members of Performance Monitor Users can
view both real-time and historical data within
the Performance Monitor console and can
use the Reliability Monitor.
– Members of Performance Monitor Users
cannot create or modify Data Collector Sets
or use the Resource View.
Securing Access to Performance Data
• Members of the Performance Log Users
group have all of the rights available to
normal Users and Performance Monitor
Users.
• In addition, Performance Log Users also
have the ability to create and modify Data
Collector Sets, but only after an
administrator has assigned this group the
Log on as a batch user user right on the
server or servers in question.
Windows Event Viewer
• Windows Server 2008 uses the Windows
Event Viewer to record system events that
take place, such as security, application, and
role-specific events.
Windows Event Viewer
Network Monitor
• If you receive reports that a Windows Server
2008 computer is not responding fast
enough, you might want to isolate the view
of the network traffic that is being sent to or
from that server.
• You may also need to view network traffic to
determine if a client application is faulting,
or to determine if a malicious user or virus is
attempting to access the computer over the
network.
Network Monitor
• Windows Server 2008 does not include a built-in
network monitor, but you can download and install
the latest version of Network Monitor from the
Microsoft Web site.
• This free download will allow you to view network
traffic that is being sent to and from the network
interface cards on a particular Windows Server
2008 computer.
• You can view network captures in real-time, or save
the information to a file to be analyzed later.
Network Monitor
Network Monitor
Windows Server Update Services (WSUS)
• Traditionally, system administrators and
users kept systems up-to-date by frequently
checking the Microsoft Windows Update
Web site or the Microsoft Security Web site
for software updates.
• Administrators manually downloaded
available updates, tested the updates in
their environment, and then distributed the
updates manually or with traditional
software distribution tools.
Windows Server Update Services (WSUS)
• To improve the manageability of this process,
Microsoft introduced Windows Server Update
Services (WSUS)
– A Web-based tool for managing and distributing
software updates that resolve known security
vulnerabilities or otherwise improve performance.
– For Microsoft Windows XP, Windows Vista, Microsoft
Windows Server 2003, and Windows Server 2008
operating systems.
– The latest version of WSUS (WSUS 3.0 with Service
Pack 1 at the time of this writing) is a free download
from the Microsoft Web site that can be installed on
a Windows Server 2008 computer.
Windows Server Update Services
WSUS Distributed
Infrastructure
• A server that runs
WSUS can be
synchronized from the
public Windows
Update servers, from
another server running
WSUS, or from a
manually configured
content distribution
point.
• WSUS servers can
download and store
content locally, or they
can use the content on
the Windows Update
Web site.
Setting WSUS Client Settings with GPOs
Setting WSUS Client Settings with GPOs
Summary
• When monitoring the health of Windows
Server 2008, you can examine the Window
Event Viewer to obtain information.
• By default, it logs informational events such
as service start and stop messages, errors,
and warnings.
• Additional diagnostic logging can be
achieved by modifying the registry.
Summary
• Reliability and Performance Monitor in
Windows Server 2008 allows you to collect
real-time information on your local computer
or from a specific computer to which you
have permissions.
• This information can be viewed in a number
of different formats that include charts,
graphs, and histograms.
Summary
• Reliability and Performance Monitor uses
performance objects, or categories, and
performance counters to organize performance
information.
– Performance counters are the specific processes to
monitor.
– Many counters are available.
• WSUS is a tool used to manage and distribute
software updates that fix known security
vulnerabilities or otherwise improve the
performance of Microsoft operating systems.
Summary
• Updates can include items such as security
fixes, critical updates, and critical drivers.
• Windows Update is a Microsoft Web site that
works with Automatic Updates to provide
timely critical and noncritical system
updates.
• Automatic Updates enables you to
automatically interact with the Windows
Update Web site.
Summary
• WSUS has three main components:
– A content synchronization service.
– An internal Windows Update server.
– Automatic Updates on computers (desktops
or servers).
Summary
• WSUS server management includes
reviewing and changing configuration
options, automatically or manually
synchronizing the server, viewing update
status, and backing up and restoring the
server.
• You can configure Automatic Updates
through the Automatic Updates configuration
page, Group Policy, and by configuring
registry entries.
Download