Category: Monitoring and Maintaining Servers
MCTS 70-646 Monitor and maintain security and policies
Monitor and maintain security and policies
May include but is not limited to: remote access, monitor and maintain NPAS, network access, server security, firewall rules and policies, authentication and authorization, data security, auditing
Which information should be protected, how sensitive it is and whether it is business critical
Establish what information needs to be protected, how sensitive the data is, whether it is business critical and who should be authorised to access it, then implement a workable monitoring policy.
MCTS 70-646 Monitor servers for performance evaluation and optimisation
Monitor servers for performance evaluation and optimisation
May include but is not limited to: server and service monitoring, optimization, event management, trending and baseline analysis
A baseline of a computer system's performance and reliability should be captured over a number of weeks when the system is first deployed and, if applicable, when month-end processes run; it is advisable to define quiet, busy and business-as-usual periods. Baselines should be re-analysed when a computer system is changed, for example when more resource is added or a new application is deployed.
Performance Monitor
Performance Monitor allows you to view real-time data and data collected over a longer period using a data collector set; see data collector sets under performance monitor here for more info.
By default the real-time data in Performance Monitor is overwritten every 140 seconds. To change this behaviour, select properties > graph > scrolling type > scroll.
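The baseline guidance above becomes useful once later samples are compared against the baseline for the same period of the day. The following is an added example, not part of the original notes: it reads counter logs in the CSV layout written by a data collector set and flags samples that fall outside their own period's baseline. The hour boundaries, the server name SRV01, the sample values and the thresholds `k` and `min_sd` are all assumptions made for illustration.

```python
import csv, io, statistics
from datetime import datetime

# Assumed hour-of-day boundaries; any other hour is business as usual ("bau").
PERIODS = {"quiet": range(0, 7), "busy": range(9, 12)}
COUNTER = r"\% Processor Time"
# Constructed sample logs in the CSV layout written by a data collector set.
BASELINE_CSV = r'''"(PDH-CSV 4.0) (GMT Standard Time)(0)","\\SRV01\Processor(_Total)\% Processor Time"
"01/15/2024 02:00:00.000","4.0"
"01/15/2024 03:00:00.000","6.0"
"01/15/2024 04:00:00.000"," "
"01/15/2024 09:00:00.000","58.0"
"01/15/2024 10:00:00.000","62.0"
"01/15/2024 14:00:00.000","28.0"
"01/15/2024 15:00:00.000","32.0"
'''
CURRENT_CSV = r'''"(PDH-CSV 4.0) (GMT Standard Time)(0)","\\SRV01\Processor(_Total)\% Processor Time"
"02/20/2024 03:00:00.000","55.0"
"02/20/2024 10:00:00.000","63.0"
"02/20/2024 15:00:00.000","31.0"
'''

def period_of(ts):
    return next((name for name, hours in PERIODS.items() if ts.hour in hours), "bau")

def read_samples(text, counter=COUNTER):
    rows = csv.reader(io.StringIO(text))
    col = next(i for i, h in enumerate(next(rows)) if h.endswith(counter))
    for row in rows:
        try:
            value = float(row[col])
        except (ValueError, IndexError):
            continue  # a missed sample is logged as a blank field; skip it
        yield datetime.strptime(row[0], "%m/%d/%Y %H:%M:%S.%f"), value

def build_baseline(text):
    buckets = {}
    for ts, value in read_samples(text):
        buckets.setdefault(period_of(ts), []).append(value)
    return {p: (statistics.mean(v), statistics.pstdev(v)) for p, v in buckets.items()}

def deviations(baseline, text, k=3.0, min_sd=1.0):
    # Flag samples more than k standard deviations from the mean of their own period.
    flagged = []
    for ts, value in read_samples(text):
        mean, sd = baseline.get(period_of(ts), (None, 0.0))
        if mean is not None and abs(value - mean) > k * max(sd, min_sd):
            flagged.append((ts, period_of(ts), value))
    return flagged
```

With the constructed data, 55% CPU at 03:00 is flagged because it is far outside the quiet-period baseline, while 63% at 10:00 is not, which is the reason for keeping separate quiet, busy and business-as-usual baselines.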
System diagnostic reports
These reports can be created using perfmon /report or by reviewing the reports within the performance monitor GUI.
Action Center
Monitors the computer and reports problems with security, maintenance and other related settings such as firewall, antivirus, anti-spyware and Windows Firewall configuration.
Task Manager
Task manager can be used for viewing process utilisation.
Resource Monitor
Resource Monitor is accessible from Task Manager and can be used to stop, start, suspend or resume processes and services. It is useful for troubleshooting and can be used to highlight CPU, memory, disk and network usage for a particular process or service.
MCTS 70-646 Implement patch management strategy
Implement patch management strategy
Microsoft Baseline Security Analyzer (MBSA) can be used to scan Windows operating systems for missing security patches and incorrectly configured settings which could leave Windows vulnerable to known attacks.
The System Center suite can be used to baseline and apply security patches.
Windows Server Update Services (WSUS) is a free patch deployment application available as a role in Windows Server 2008 R2 and a separate download for Windows Server 2008. The version of WSUS available for both revisions of Windows is 3.0 SP2 but note that upgrading a Windows Server 2008 computer running WSUS 3.0 SP2 to Windows Server 2008 R2 will fail.
WSUS 3.0 SP2 supports the BranchCache feature of Windows Server 2008 R2 and also supports BITS peer caching, which allows Windows updates to be retrieved from neighbouring systems rather than directly from the WSUS server.
Approval deadlines can be used to force patches to be installed immediately; setting the deadline to a date in the past forces the Windows Update Agent (WUA) to install the update immediately.
Update strategy for roaming clients: point the clients to a DNS name and have that name resolve to the local site in which the roaming client is currently located.
For application patch level maintenance you should consider looking at the System Center Configuration Manager editions.
More on WSUS here