Best practice for file server and network services
Best practice for file server and network services
The modern information technology environment dictates that no organization can afford to have an inefficient data protection plan. Information is the life blood of any organization therefore protecting it has become a vital task. Any organization that believes data is important will invest time and money to protect its data.
Creating a file server and network service is not an easy task and with the every changing server operating system, you can be sure that an administrator will be doing this task again in a few years. In the Best Practice for file server I will discuss: The purpose of server life cycle for planning and preparing a file server, prepare the service OU structure in order to make sure that servers are properly managed and delegated, focus on NTFS permissions rather than share permissions. In the best practice for network services I will discuss: Planning for system redundancy and preparing for potential disasters.
The purpose of server life cycle for planning and preparing a file server
The file server operating system is one of the core networks of your organization. Server life cycle is the service the file server will be put through from the moment it is placed into the organization’s network until it is replaced. The service life cycle will help an administrator recognize the range of services required within the network. After the administrator recognizes and prepares these services on the network he/she can concentrate on network stability. A lot of network operations are carried out by different personnel therefore the stability of the network is truly improved by the implementation of standard operating procedures (SOP s).
This is a protocol that ensures best practices are always used to perform operations. Creating file servers is two third planning and preparing and one third implementation. The file servers are created to fulfill certain requirements within an organization network. Server life cycles within the organization process begin with the purchasing, then to IT management and conclude with the file server being retired from duty. The Purchasing Process focuses on purchase planning, requisition, and procurement. In this phase the organization will focus on volume purchasing of server, minimum requirements for server hardware, hardware provider add-on, request for proposal and growth strategy. But in order for this phase to work, the purchasing department and information technology department have to work closely together.
In Information Technology management, some server responsibility are assigned to key IT personnel until the server is put out of service. These ownership responsibilities usually take place after the server is in service on the organization inventory database. The information included in the inventory is: service contracts, purchase volume, purchase date, receipt date and warranty. Now the server enters into construction where only generic software is installed on the server. The servers’ operating system, resource tool kit, anti virus software and management software are all loaded. Next the IT personnel configure the file server, with software that will help to enable the servers define role within the organization network. The last phase is to test the server, this where the configuration and stress testing is administered. After this last phase is complete, the file server is ready to be placed on the organization network.
Prepare the service OU structure in order to make sure that servers are properly managed and delegated.
An administrator creates the organizational unit structure to reflect the needs of the organization network. The delegation should proceed from the single global child domain because this is the production with all the complex organizational units. When the domain’s structure is complete, it will be a model for creating a domain on the outside of the production forest because all derived from the production forest’s requirements. Here are four reasons why an Organizational Unit should be created:
• An Organizational Unit is required to regroup an active directory into three object types: People, PCs and Service.
• Administering Active Directory objects in order to manage object in active directory through group policy objects.
• Organizational Unit is use to delegate the administration of active directory objects to create sub layer structure. Windows two thousand three server can support a hierarchy of more than ten levels of Organizational Units.
• Organizational Unit may be required to hide objects. Objects are placed in special Organizational Units with tightly controlled access control list. These objects are invisible to non-administrative personnel using the directory.
Focus on NTFS permissions rather than share permissions
The Best practice for file server and network services is to secure your system by using NTFS permission versus share permission. A lot of people are still confused about the difference between NTFS and Share permission; I will use a simple analogy to explain the difference. Think of Share permission as a swipe card you use to enter a large building’s front door and NTFS permission as the key you would use to open your office door once you are inside the building. NTFS applies the most restrictive permission therefore applying this level of security means that the average system user will be able to perform his job, with no other permission granted by the administrator. But NTFS is still more flexible than share permission, because admin can restrict users so that they can list the folder and nothing else. NTFS can be assigned at the same instance to both files and folders. NTFS uses access control lists to prohibit access to resources, and can only be assigned to resources on NTFS volume.
The encryption file system provides greater file protection than share permission because it block malicious attacker from gaining access to the content of an encrypt file. Encryption can be activated through the file or folder properties, the same as permissions. But it can be performed with the cipher command. Encryption is a file property therefore it cannot be applied if file is already encrypted. Windows two thousand three support encrypting file off line and the properties can be set at the group policy object level.
Planning for system redundancy
The best practice for network services is planning for system redundancy, these methods and measures ensure that if part of a system breaks down its functions will be immediately transfer to another system. Planning for system redundancy does not always mean having a component ready to take over the immediate functions of a broken system. Just IT personnel having documented procedures to put a system back on line can be considered part of the plan for system redundancy. A system administrator has to remember that no matter what responsibility’s he/she has on a daily basic, making sure the organization systems are protected is paramount. An administrator should be constantly testing the system and documenting the procedures because building redundancy as a part of your system is only good if you are sure it is functioning properly. Use random arrays inexpensive and random arrays of inexpensive disk interface cards to enable direct hardware systems protection. It is very important to include uninterrupted power supply system as part of the system redundancy plan (Ruest, 2003). Whether it’s using individual USB connected uninterrupted power supply devices on regional server or more centralized power management infrastructures that protect a room full of computer via a centralized location.
Preparing for potential disasters
In network services all the: planning, designing, developing and testing. Most organization never prepare for potential disasters whether natural or man made. Natural disasters can be any one of these acts of God: Tsunami, hurricanes, lighting fires and earthquakes. Although they are not usually easy to predict they are ways you can sometime prevent them. The best practice for reducing the impact of a natural disaster is to create redundant sites where your most important data are stored at more than one location around the country.
This would include all mission critical systems which would require the greatest protection. If service interruptions takes place then the whole organizations productivity would be affected therefore the admin should have a plan in place that if one site goes down then the other sites take over its functions instantaneously. An example of man made disaster: security attack, internal breaking s, terrorist attacks, application failure, and power plant failure. Administrators can implement organizational plans in place for preventative measure, but are unable to predict when they will happen.
Conclusion:
The modern information technology environment dictates that no organization can afford to have an inefficient data protection plan because information is the blood that flows threw an organization vain and protecting it is a vital task. Any organization that believes data is important will invest time and money to protect its data. Creating a file server and network services is not an easy task and with the every changing server operating system, you can be shore that an administrator will be doing this task again in the near future. In the Best Practice for file server I discussed: The purpose of server life cycle to plan and prepare a file server, prepare the service OU structure in order to make sure that servers are properly managed and delegated, I focused on NTFS permissions rather than share permissions. In the best practice for network services I discussed: Planning for system redundancy and preparing for potential disasters. In conclusion, I recommend that every organization should incorporate best practice methodology into their networks plan in order to produce superior system Performance.
Reference:
MOREnet, (2003, March 29) Best Practice in network design, 1 Retrieved July 08, 2005 from http://www.more.net
(MOREnet, 2003)
ITSO, (2003, May 04) Best practices for securing IT Resources. Retrieved July 08, 2005 from http://itso.iu.edu/Best_Practice_For_Securing_IT_Resources
(ITSO, 2003)
Ruest, N & Ruest, D (2003) Windows Server 2003 best practice for enterprise deployments. 1st ed. Emeryville, CA: McGraw-Hill/Osborne
(Ruest, 2003)
Kalra, D (2001) Retrieved July 8, 2005 from SQL Server administration best practice Web site: http://vyaskn.tripod.com/sql_server_administration_best_practices.htm
(Kalra, 2001)
Vyas Kondred, N (2003, May 25) Sql server data transformation services (dts) best practice Retrieved July 8, 2005 from http://vyaskn.tripod.com/sql_server_dts_best_practices.htm
(Vyas Kondred, 2003)
Lab Mice, (2001, April 10) Successfully deploying Microsoft service packs. Retrieved July 08, 2005 from http://labmice.techtarget.com/ServicePacks/articles/deploysp.htm
(Lab Mice, 2001)
Alexander, Z (2004) Retrieved July 08, 2005 from http://www.mcpmag.com/features/article.asp?EditorialsID=452
(Alexander, 2004)