Managing Networks
In the last blog I wrote, I talked about why you needed a Network Administrator and stated their mandate, "Find ways to seamlessly integrate a computer into the business process!" and the mandate of the company they work for, "We exist to fulfill our customer's need". I also stated that the way Network Administrators achieve their mandate was by locating applications that automated tasks for specific departments within your company, and that now with the web server they are looking at how these niche applications can share information. And while that is their mandate, they will also have the task of taking care of all the computer equipment in the organization. In the environment that I wrote about, I stated that ENetArch had 500 computers, distributed across 30+ departments. So I would like to talk about the tasks involved in setting up, configuring, and maintaining these computers.
So let's start with what the common user is aware of. You have a computer sitting on your desk; it connects to a wall jack, a hub, a router or DSL and then to the Internet. This description is typical of most organizations, unless they have multiple locations and then additional equipment is used to connect these locations, called VPNs or Dedicated Trunks. Some additional components you would see in a typical office network environment are: firewall, printer, work group copier, server, wireless access points, and IP cameras. There are a lot of other devices that can be attached, but for the purposes of this article, I'm listing the most common that I've worked with.
Now comes the part you may not be aware of. While you may use a computer, here are some of the options that a Network Administrator provides you with: Common Desktop Experience, Secured Storage, Archived Storage, Internet Access, and Technical Support. So what's so hard about this? And why are they important?
Let's start with the Common Desktop Experience. First off, it's not very easy to provide this experience. Take a look around your office and see how many different types of computers you really have. For example, you might have a Dell system, but what version are you using vs your co-worker, or how about the system you use at home? It's this difference that creates the first problem for most network administrators to overcome. Thankfully software has abstracted (separated) the hardware from the software and from the user's experience. By doing this, the Network Administrator can save how your desktop is arranged, and your My Documents folders, back to the server. This allows you to move from one computer to another to access your documents. There is a downside to this though: while the Network Administrator can save your software settings, they cannot make the software installed specifically on your computer available to you at another computer. To do this it must be installed on the network server, but there is a trade-off: it takes longer for the software to run across the network than it does to run locally on your computer. The other restriction to installing the software on the server is that of licensing - how many computers can run the same application before the office has consumed all the licenses?
As I mentioned earlier, applications can be loaded onto your computers. The most common suite of applications is the office bundle - Word Processing, Spreadsheets, Presentation Managers, Project Managers, and Diagramming software. There is also a suite of Internet Applications usually known as Email, Web Browser, Instant Messenger, and Calendaring, Todo's, and Rolodex. Additional Suites may be loaded per department that are specific to that department - accounting uses accounting software, technical IT support uses a trouble ticket system, Website Design uses Image Editing and WebSite building software, and so on.
Moving on to Secured Storage, one of the points made about the common desktop environment is that your desktop and My Documents can be saved to the server. There are other items being stored out there as well, such as your email, calendar, and group documents. However, while these things are in a public space, there is no need for accounting to see email between designers concerning the design of the latest Apple iPhone, so security groups are created to determine who has access to what folders and files. But group security is a bit more complex than just files and folders; it can also control who has access to what parts of the computer, what settings can be changed, what software can be loaded, what software can be run, and so on. The same applies to your email, and web browsing on intranets as well.
Now that we have all your data locked up in a server, it needs to be Backed up and Archived. Most people like to know that their data is being backed up somehow; however, what they may not be aware of is that while data is backed up, only the data that has changed is backed up - this is known as archiving. The reason for this is that when you look at the size of hard drives today - 500 GB to 1 terabyte - it's costly to duplicate them both in time and in storage capacity. Existing tape drive systems only go to 800 GB and cost 4 grand just for the hardware. And even at the highest speed of hard drive to hard drive, it still takes a good couple of hours to duplicate a hard drive; therefore a series of backup methods are employed. The first is mirrored backup - where the server has 2 or more drives saving exactly the same information. This allows for immediate redundancy so that if a drive fails, the server can continue to work until the failed drive is replaced. The second scheme is to just back up to tape the changes that were made during the day. Initially, once a week or once every two weeks, a full backup is made so that there is a starting point for a full recovery.
Most backup schemes using this method accommodate a 10 x 10 backup solution. This means that 10 full backups are stored off site as time passes, and 10 incremental backups are made between each full backup. This allows for recovery when users either accidentally or purposefully delete files from the computer. This can also happen if a virus infects a workstation and begins deleting files. While in most cases you might catch a more active user or virus and be able to recover the lost files, a less active one requires that you pull the files back from older archives.
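The 10 x 10 rotation described above, as an added Python sketch that is not part of the original post. The class and function names (BackupSet, Archive, demo) and the sample files are hypothetical; it shows how a file deleted without anyone noticing is pulled back from an older archive by replaying a full backup plus its incrementals, and why it is lost once the full backup that held it rotates out.

```python
from collections import deque
FULLS_KEPT = 10             # "10 x 10": ten full backups retained ...
INCREMENTALS_PER_FULL = 10  # ... with ten incrementals between fulls

class BackupSet:
    def __init__(self, day, files):
        # incrementals holds (day, changed_files, deleted_paths) tuples
        self.day, self.full, self.incrementals = day, dict(files), []

    def state_at(self, day):
        """Replay the full backup, then each incremental up to `day`."""
        state = dict(self.full)
        for inc_day, changed, deleted in self.incrementals:
            if inc_day <= day:
                state.update(changed)
                state = {p: c for p, c in state.items() if p not in deleted}
        return state

class Archive:
    def __init__(self):
        self.sets, self.last = deque(maxlen=FULLS_KEPT), {}  # oldest set rotates out

    def nightly(self, day, files):
        """Take a full backup when due, otherwise store only the changes."""
        if not self.sets or len(self.sets[-1].incrementals) >= INCREMENTALS_PER_FULL:
            self.sets.append(BackupSet(day, files))
        else:
            changed = {p: c for p, c in files.items() if self.last.get(p) != c}
            deleted = [p for p in self.last if p not in files]
            self.sets[-1].incrementals.append((day, changed, deleted))
        self.last = dict(files)

    def recover(self, path):
        """Newest (day, content) at which `path` still existed, else None."""
        for bset in reversed(self.sets):
            for day in reversed([bset.day] + [d for d, _, _ in bset.incrementals]):
                if path in (state := bset.state_at(day)):
                    return day, state[path]
        return None

def demo(days=30):
    # Constructed sample data: budget.xls is edited on day 5, deleted on day 14.
    archive, files = Archive(), {"budget.xls": "v1", "plan.doc": "v1"}
    for day in range(1, days + 1):
        if day == 5:
            files["budget.xls"] = "v2"
        elif day == 14:
            del files["budget.xls"]
        archive.nightly(day, files)
    return archive
```

With the default 30 days, `demo().recover("budget.xls")` returns the day-13 copy; with `demo(200)` the same call returns `None` because every retained full backup postdates the deletion.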
Additional backup options are to have a redundant server located somewhere else in case of a fire or natural disaster. That server is sent change data instead of actually communicating directly with the end users. The reason for the change data is that change data, like incremental backups, is smaller, and can be run from a starting point to current in order to restore the current status of a server.
The biggest use that most users are starting to make of their computer is Internet Access. While most of us attribute this to browsing the web, other services like email, instant messaging, voice over IP (VoIP) and/or video conferencing are also big consumers of the Internet. What a network administrator does here is to make sure that your communications through the web are safe and secure and possible.
Before you actually communicate with the web several things need to happen between your computer and the connection your company has with their Internet provider. The first is that your computer talks to a DNS service, which translates the name of the hosting company for the page you are looking for into a number. Example (www.google.com -> 22.214.171.124). Then it talks to a Firewall that makes sure that you have access to the Internet, and then access to a specific website. Some websites have been restricted to prevent you from accidentally browsing to known sites that attack computers, or to keep employees from browsing for pleasure (to put it mildly); other restrictions may be applied to stop employees from browsing to sites that allow them to upload and download data - software, corporate files, and such. While this may all sound like Network Administrators don't trust you, the perspective we must follow is, "How does this help you do your job?" After the firewall there is the router. Most companies house their web servers in house for public access. While this reduces hosting costs and maintenance costs, it also increases the potential that hackers will attempt to breach the security and attempt to get into the corporate data center. Having two different Internet connections - one for the corporate side and one for the websites - can reduce this risk, but it only works effectively if the IP address for the corporate side changes every day. After the router is the connection to the Internet - which can be a simple DSL, or a more advanced piece of hardware - like a dedicated T1 or OC3. Basically these are dedicated trunks that state how large a pipe you have to the Internet. The size is based on the amount of traffic that is flowing ... for example if your company is just browsing the web, then a DSL would probably be sufficient.
However if you're doing VoIP and Video Conferencing, you definitely want a much larger trunk in order to handle 64k packets being sent 60 times a second. And when your page request has reached the Internet provider at the other end, you have reached what is known as the Internet.
There is another piece of the puzzle that I left out purposefully till now. It is the internal network of your office. This network is composed of hubs, switches, and cabling. It is equivalent to the part of your nervous system that reaches out at the ends of every finger. While it may appear to be just a bunch of wires connecting into a box, this box is doing something very interesting inside. It is switching where your message needs to go next. Just like a telephone call. What's nice about this group of equipment is that it can now help your computer send the message faster from your computer to the Internet or to the server. In fact, switches can be configured so that messages from accounting only go to and from the servers for accounting. This way, people who choose to run a sniffer on the network (a device that records all the traffic in the network) find it harder because switches can also be configured to restrict access to the network based on whether or not the computer's MAC address - a physical address used to identify each piece of equipment - is listed in the switch. Another nice function of a switch is that it can be told to monitor network traffic volumes so that when traffic from a department starts exceeding what the network can provide, additional provisions can be made to accommodate the need. Let's say for example that you've chosen to add a Database Server to your network, and now an employee is querying that database intensively. While a certain percentage of traffic from the employee needs to hit other servers and the Internet, the bulk of it can be routed from the database server to the employee, and doesn't need to go across other networks, causing the network to slow down or become bottlenecked for other users.
Technical Support comes to the rescue when any or all of the computer equipment fails. They also help you identify the tasks you are trying to automate and facilitate that process. To that end there are several levels of technical support that have been created. First there is the help desk, which takes your call. They may provide support based on known issues that have happened in the past or make you aware of outages that are presently occurring. (Equipment does die!) The next level of technical support is split between the computer technician, software support and the network administrator. These three support areas, respectively, help resolve hardware issues with your computer, assist with your software like Word, Excel, or QuickBooks, or resolve issues concerning the network itself. Mind you that I've talked about a lot of technology, and specific types of technical support can be used for each specific area depending on the technology used. You might be familiar with Cisco? There is a whole range of equipment and protocols that help network administrators manage your information, and there are people with specific knowledge of those protocols and equipment, just as there are network administrators who are knowledgeable about Microsoft Server, Novell Server, or Unix Server.
While I would love to chat more about computer support or software support or even the help desk, this article focuses on Network Administration. While Network Administrators troubleshoot network issues, they are also planning and plotting out how to improve the network. For example, as a server gets old they have to migrate users from one server to another. Data paths need to be maintained, files need to be transferred successfully, and sizes of usage need to be estimated and accounted for successfully. In one organization that I worked for, one of the projects that we did was to migrate 10 file servers into one server. Each of the older servers had 100 gig hard drives, mirrored. The new server had 4 sets of Terabyte hard drives, mirrored. We also mirrored the server so that just in case it failed, there was another server ready and immediately available to take over service. Thankfully this process was made easier through a series of tools created specifically to administrate domains - groups of users. Using this tool, we collected the information for each set of users on the old system and put them onto the new system. In the old days we would have had to research all this information, print it out, and then type it all back into the new servers. With the Domain Management System, it was as simple as drag and drop, and the users were created on the new systems. And with another application we were able to copy all the data over, ensure that it was copied successfully, and begin the process of validating that the users could in fact use the new system.
So when I say that Network Administration's mandate is, "Find ways to seamlessly integrate a computer into the business process!" not only does that mean that we improve your environment so that your computing experience is improved, but also that Network Administrators improve their own working conditions so that they can spend more time with you, helping you work.