Capabilities of the Windows system for administering a computer network. Network administration. Features and criteria for system planning

A computer network is a collection of computers and various devices that provide information exchange between computers on the network without the use of any intermediate storage media.

The entire variety of computer networks can be classified according to a group of characteristics:

· territorial distribution,

· departmental affiliation,

· information transfer speed,

· type of transmission medium.

According to territorial distribution, networks can be local, regional, or global. Local networks cover an area of no more than 10 m2, regional networks are located within a city or region, and global networks span a state or group of states, for example the worldwide Internet.

By affiliation, departmental and state networks are distinguished. Departmental ones belong to one organization and are located on its territory. Government networks are networks used in government agencies.

Based on the speed of information transfer, computer networks are divided into low-, medium- and high-speed.

Based on the type of transmission medium, they are divided into coaxial networks, twisted pair networks, fiber optic networks, with information transmission via radio channels, and in the infrared range.

A distinction should be made between computer networks and terminal networks. Computer networks connect computers, each of which can work autonomously. Terminal networks usually connect powerful computers (mainframes), and in some cases PCs, with devices (terminals) that can be quite complex but whose operation outside the network is either impossible or completely meaningless. Examples are a network of ATMs or ticket offices. They are built on completely different principles than computer networks and even on different computer technology.

There are two main terms in the classification of networks: LAN and WAN.

LAN (Local Area Network) – local networks whose infrastructure is closed up to the point where it reaches service providers. The term “LAN” can describe both a small office network and a network at the level of a large factory covering several hundred hectares. Foreign sources even give a rough estimate of about six miles (10 km) in radius. LANs use high-speed channels.

WAN (Wide Area Network) is a global network covering large geographic regions, including both local networks and other telecommunication networks and devices. An example of a WAN is a packet-switched network (Frame Relay), through which various computer networks can “talk” to each other.

The term "enterprise network" is also used in the literature to refer to the combination of several networks, each of which can be built on different technical, software and information principles.

The types of networks discussed above are closed networks; access to them is permitted only to a limited number of users for whom work in such a network is directly related to their professional activities. Global networks are focused on serving any users.

1. LOCAL COMPUTER NETWORKS

1.1. The concept of local networks

A local area network (LAN) is a group of computers located within a certain territory, connected to each other by appropriate means of communication, which share software and hardware resources. Such a network is usually intended for collecting and transmitting information and for its dispersed and distributed processing within one enterprise or organization. It can be oriented toward performing certain functions in accordance with the profile of the enterprise.

Local networks are designed to implement such application functions as file transfer, electronic graphics, word processing, e-mail, access to remote databases, and digital speech transmission. Local networks combine computers, terminals, information storage devices, transition nodes for connecting to other networks, etc. Local networks constitute one of the rapidly developing sectors of industrial communications; a local network is often called a network for an automated institution. A local network has the following characteristics:

· channels usually belong to the user's organization,

· channels are high-speed (10-400 Mbit/s),

· the distance between workstations connected to the local network is usually from several hundred to several thousand meters,

· a local network transmits data between computer user stations (some local networks transmit voice and video information),

· the bandwidth of a local network is usually greater than that of a global network,

· the local network channel is usually the exclusive property of the organization using the network,

· the error rate in the local network is lower compared to a network based on telephone channels,

· decentralization of terminal equipment, which uses microprocessors, displays, cash register devices, etc.,

· data is transmitted via a common cable to which all network subscribers are connected,

· possibility of reconfiguration and development by connecting new terminals,

· the presence of a local network makes it possible to simplify and reduce the cost of personal computers, since they collectively use the most expensive resources in a time-sharing mode: disk memory and printing devices.

1.2. Classification of local networks

Today there are a huge number of different local networks in the world and to consider and compare them it is necessary to have a classification system. There is no definitively established classification yet, but certain classification characteristics of local networks can be identified. These include classification by purpose, types of computers used, management organization, information transfer organization, topological characteristics, access methods, physical signal carriers, access control to the physical transmission medium, and others.

There are two types of computer networks: peer-to-peer networks and dedicated server networks. The differences between peer-to-peer and server-based networks are fundamental because they determine the capabilities of these networks. The choice of network type depends on many factors:

· size of the enterprise,

· required level of security,

· type of business,

· level of availability of administrative support,

· volume of network traffic,

· needs of network users.

Protection involves setting a password on a shared resource, such as a directory. It is very difficult to centrally manage security in a peer-to-peer network, since each user sets it up independently. Some users may not install protection at all. If privacy concerns are critical, it is recommended to choose a server-based network. Because in a peer-to-peer network each computer functions as both a client and a server, users must have sufficient knowledge to act as both users and administrators of their computer.

A peer-to-peer network is suitable where:

· the number of users does not exceed 10 people,

· users are located compactly,

· data protection issues are not critical,

· in the foreseeable future, no significant expansion of the company, and therefore the network, is expected.

If there are more than 10 users connected to the network, the peer-to-peer network may not perform well enough. Therefore, most networks use dedicated servers.

A dedicated server is one that functions only as a server (excluding client or workstation functions). It is specifically optimized for quickly processing requests from network clients and for managing file and directory protection. Disks of dedicated servers are available to all other computers on the network. The servers must run a special network operating system.

The remaining computers are called workstations. Workstations have access to server disks and shared printers, but that's it. One workstation cannot work with disks of other workstations. On the one hand, this is good, since users are isolated from each other and cannot accidentally damage other people's data. On the other hand, users are forced to use server disks to exchange data, creating additional load for it.

There are, however, special programs that work on a network with centralized control and allow you to transfer data directly from one workstation to another, bypassing the server. Workstations must have special software installed, often called a network shell.

1.3. Computer network topologies

Star topology

The concept of a star network topology comes from the field of mainframe computers, in which the head machine receives and processes all data from peripheral devices as the active processing node. This principle is used in data communication systems, such as RELCOM e-mail. All information between two peripheral workstations passes through the central node of the computer network.

Figure 1. Star topology

Network throughput is determined by the computing power of the node and is guaranteed for each workstation. There are no data collisions. Cabling is quite simple as each workstation is connected to a node. Cabling costs are high, especially when the central node is not geographically located in the center of the topology. When expanding computer networks, previously made cable connections cannot be used: a separate cable must be laid from the center of the network to the new workplace.

The star topology is the fastest of all computer network topologies because data transfer between workstations passes through a central node (if its performance is good) over separate lines used only by these workstations. The frequency of requests to transfer information from one station to another is low compared to that achieved in other topologies.

The performance of a computer network primarily depends on the power of the central file server. It can be a bottleneck in the computer network. If the central node fails, the entire network is disrupted.

The central control node - the file server - can implement the optimal protection mechanism against unauthorized access to information. The entire computer network can be controlled from its center.

Ring topology

With a ring network topology, workstations are connected to one another in a circle, i.e. workstation 1 with workstation 2, workstation 3 with workstation 4, etc. The last workstation is connected to the first. The communication link is closed in a ring.

Laying cables from one workstation to another can be quite complex and expensive, especially if the workstations are geographically located far from the ring (for example, in a line).

Figure 2. Ring topology

Messages circulate regularly in circles. The workstation sends information to a specific destination address, having previously received a request from the ring. Message forwarding is very efficient since most messages can be sent “on the road” over the cable system one after another. It is very easy to make a ring request to all stations. The duration of information transfer increases in proportion to the number of workstations included in the computer network.

The main problem with a ring topology is that each workstation must actively participate in the transfer of information, and if at least one of them fails, the entire network is paralyzed. Faults in cable connections are easily localized.

Connecting a new workstation requires a short-term shutdown of the network, since the ring must be open during installation. There is no limit on the length of a computer network, since it is ultimately determined solely by the distance between two workstations.

Figure 3. Logic ring structure

A special form of ring topology is a logical ring network. Physically, it is built as a connection of star topologies. Individual stars are connected using special concentrators (hubs). Depending on the number of workstations and the length of the cable between workstations, active or passive hubs are used. Active hubs additionally contain an amplifier for connecting from 4 to 16 workstations. The passive hub is purely a splitter device (for a maximum of three workstations). Managing an individual workstation in a logical ring network is the same as in a regular ring network. Each workstation is assigned an address corresponding to it, through which control is transferred (from senior to junior and from junior to senior). The connection is broken only for the downstream (closest) node of the computer network, so that only in rare cases can the operation of the entire network be disrupted.

Bus topology

With a bus topology, the information transmission medium is represented in the form of a communication path accessible to all workstations, to which they all must be connected. All workstations can communicate directly with any workstation on the network.


Figure 4. Bus topology

Workstations can be connected to or disconnected from it at any time, without interrupting the operation of the entire computer network. The functioning of a computer network does not depend on the state of an individual workstation.

In a standard situation, an Ethernet bus network often uses a thin cable or a Cheapernet cable with a T-connector. Shutting down and especially connecting to such a network requires a bus break, which disrupts the circulating flow of information and causes the system to freeze.

New technologies offer passive plug boxes through which workstations can be turned off and/or turned on while the computer network is running.

Because workstations can be connected without interrupting network processes and the communication medium, it is very easy to eavesdrop on information, i.e. to tap information from the communication medium.

In a LAN with direct (non-modulated) information transmission, there can always be only one station transmitting information. To prevent collisions, in most cases, a time division method is used, according to which each connected workstation is granted an exclusive right to use the data transmission channel at certain points in time. Therefore, the requirements for computer network bandwidth under increased load are reduced, for example, when new workstations are introduced. Workstations are connected to the bus via TAP devices (Terminal Access Point). TAP is a special type of connection to coaxial cable. The needle-shaped probe is inserted through the outer shell of the outer conductor and the dielectric layer to the inner conductor and is connected to it.

In a LAN with modulated broadband information transmission, the various workstations receive, as needed, a frequency on which they can send and receive information. The transmitted data is modulated onto the corresponding carrier frequencies, i.e. between the information transmission medium and the workstations there are modems for modulation and demodulation, respectively. Broadband technology makes it possible to transport a fairly large amount of information in the communication medium simultaneously. For the further development of discrete data transportation, it does not matter what initial information is supplied to the modem (analog or digital), since it will still be converted later.

Table 1.

Characteristics of computer network topologies

Characteristics                        | Star topology | Ring topology | Bus topology
Expansion cost                         | Low           | Average       | Average
Connecting subscribers                 | Passive       | Active        | Passive
Failure protection                     | Low           | Low           | High
System dimensions                      | Any           | Any           | Limited
Security against eavesdropping         | Good          | Good          | Low
Connection cost                        | Low           | Low           | High
System behavior under high loads       | Good          | Satisfactory  | Bad
Ability to work in real time           | Very good     | Good          | Bad
Cable routing                          | Good          | Satisfactory  | Good
Service                                | Very good     | Average       | Average
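
The failure and eavesdropping behaviour described for the three topologies can be checked with a small graph model. The Python code below is an added example, not part of the original text. It assumes one-way circulation in the ring, a central node that forwards a frame only onto the destination's line, and a passive bus cable; the names ws1…wsN, HUB and BUS are illustrative.

```python
from collections import deque

PASSIVE = {"BUS"}  # shared cable: carries every frame to all taps, is not a station


def build(topology, n):
    """Return a directed adjacency map {node: set(next_nodes)} for n workstations."""
    ws = [f"ws{i}" for i in range(1, n + 1)]
    adj = {w: set() for w in ws}
    if topology == "star":            # every workstation has its own line to the hub
        adj["HUB"] = set(ws)
        for w in ws:
            adj[w].add("HUB")
    elif topology == "ring":          # assumption: frames circulate in one direction
        for i, w in enumerate(ws):
            adj[w].add(ws[(i + 1) % n])
    elif topology == "bus":           # every workstation taps the same cable
        adj["BUS"] = set(ws)
        for w in ws:
            adj[w].add("BUS")
    else:
        raise ValueError(f"unknown topology: {topology}")
    return adj


def path(adj, src, dst, failed=frozenset()):
    """Shortest forwarding path src -> dst that avoids failed nodes, or None."""
    if src in failed or dst in failed:
        return None
    parent = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            hops = []
            while node is not None:
                hops.append(node)
                node = parent[node]
            return hops[::-1]
        for nxt in sorted(adj[node]):
            if nxt not in failed and nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return None


def surviving_fraction(topology, n, failed_node):
    """Share of surviving workstation pairs that can still exchange data both ways."""
    adj = build(topology, n)
    failed = frozenset([failed_node])
    alive = [w for w in adj if w.startswith("ws") and w not in failed]
    pairs = [(a, b) for i, a in enumerate(alive) for b in alive[i + 1:]]
    ok = sum(1 for a, b in pairs
             if path(adj, a, b, failed) and path(adj, b, a, failed))
    return ok / len(pairs)


def worst_single_failure(topology, n):
    """Lowest surviving fraction over the failure of any single active node."""
    adj = build(topology, n)
    candidates = [node for node in adj if node not in PASSIVE]
    return min(surviving_fraction(topology, n, c) for c in candidates)


def observers(topology, n, src, dst):
    """Nodes other than src and dst that receive a copy of a frame sent src -> dst."""
    adj = build(topology, n)
    hops = path(adj, src, dst)
    seen = set(hops)
    for node in hops:
        if node in PASSIVE:           # a shared medium delivers the signal to every tap
            seen |= adj[node]
    return seen - {src, dst} - PASSIVE


if __name__ == "__main__":
    for topo in ("star", "ring", "bus"):
        print(f"{topo:5} worst single failure leaves "
              f"{worst_single_failure(topo, 6):.0%} of pairs working; "
              f"ws1->ws4 is seen by {sorted(observers(topo, 6, 'ws1', 'ws4'))}")
```

In this model the loss of the central node or of any ring station stops all exchange, while a bus survives the loss of any workstation but delivers every frame to every tap.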

Tree structure of LAN

Along with the well-known topologies of computer networks: ring, star and bus, a combined structure, for example a tree structure, is also used in practice. It is formed mainly in the form of combinations of the above-mentioned computer network topologies. The base of a computer network tree is located at the point (root) at which communication lines of information (tree branches) are collected.


Figure 5. Tree structure of LAN

Computer networks with a tree structure are used where direct application of basic network structures in their pure form is not possible. To connect a large number of workstations, network amplifiers and/or switches are used according to adapter boards. A switch that simultaneously has amplifier functions is called an active hub.

In practice, two varieties are used, providing the connection of eight or sixteen lines, respectively.

A device to which a maximum of three stations can be connected is called a passive hub. A passive hub is usually used as a splitter. It doesn't need an amplifier. The prerequisite for connecting a passive hub is that the maximum possible distance to the workstation should not exceed several tens of meters.

2. NETWORK DEVICES AND COMMUNICATIONS

2.1. Main cable groups

Today, the vast majority of computer networks use wires or cables for connections. They act as a medium for transmitting signals between computers. There are three main groups of cables: coaxial cable, twisted pair cable and fiber optic cable.

Coaxial cable is divided into two types - thin and thick. They both have a copper core surrounded by a metal braid that absorbs external noise and crosstalk. Coaxial cable is convenient for transmitting signals over long distances. It is simple in design, light in weight and moderate in cost. At the same time, it has good electrical insulation and allows operation over fairly long distances (several kilometers) and high speeds.

Twisted pair can be shielded or unshielded. Unshielded twisted pair (UTP) cable is divided into five categories, of which the fifth is the most popular in networks. Shielded twisted pair (STP) supports transmission of signals at higher speeds and over longer distances than UTP. Twisted pair, although cheap and widespread, due to the presence of backup pairs in telephone cables at many sites, is poorly protected from electrical interference, from unauthorized access, and is limited in range and data speed.

Fiber optic cable is lightweight, capable of transmitting information at very high speeds, immune to electrical interference, difficult for unauthorized access, and completely fire and explosion-proof (only the sheath burns), but it is more expensive and requires special skills to install.

Signal transmission

There are two data transmission technologies: broadband and narrowband. With broadband transmission using analog signals, several channels are simultaneously organized in one cable. With narrowband transmission there is only one channel, and digital signals are transmitted through it.

2.2. Wireless network

The wireless environment is gradually entering our lives. As soon as the technology is fully formed, manufacturers will offer a wide selection of products at reasonable prices, which will lead to both an increase in demand for it and an increase in sales. In turn, this will lead to further improvement and development of the wireless environment.

The difficulty of installing a cable is a factor that gives the wireless environment an undeniable advantage. It may be especially useful in the following situations:

· in rooms heavily filled with people,

· for people who do not work in one place,

· in isolated rooms and buildings,

· in rooms whose layout often changes,

· in buildings where laying cables is prohibited.

Wireless connections are used to transmit data over LANs, extended LANs, and mobile networks. A typical wireless network works the same way as a cable network. A wireless adapter card with a transceiver is installed in each computer, and users work as if their computers were connected by a cable.

A wireless network uses infrared radiation, laser, and radio transmission in a narrow and diffuse spectrum. An additional method is point-to-point communication, in which data is exchanged between only two computers, rather than between multiple computers and peripheral devices.

2.3. Network adapter cards

Network adapter cards are the interface between the computer and the network cable. The responsibility of the network adapter card is to prepare, transmit, and manage data on the network. To prepare data for transmission over the network, the board uses a transceiver that reformats the data from parallel to serial form. Each board has a unique network address.

Network adapter cards differ in a number of parameters that must be configured correctly. These include: interrupt (IRQ), base I/O port address, and base memory address.

To ensure compatibility between the computer and the network, the network adapter card must, firstly, match the computer's data bus architecture and, secondly, have the required type of connector with the network cable.

The network adapter card has a significant impact on the performance of the entire network. There are several ways to increase this performance. Some boards have additional features. These include, for example: direct memory access, shared adapter memory, shared system memory, bus control. Network performance can also be improved by using buffering or an embedded microprocessor.

Specialized network adapter cards have been developed, for example, for wireless networks and diskless workstations.

3. DEPLOYMENT OF A LOCAL NETWORK

3.1. Work with the customer

Purpose of creation

The goal is always determined by the customer; the task of the system integrator at this stage is to consult and more clearly define the goals and objectives of the created network.

In particular, the purpose of creating a network can be:

· exchange files between computers. This goal is always set; differences can only be in the methods of organization,

· the use of a specific electronic document management system differs from the first goal in that the software with which the customer will work is known and the network is designed according to its characteristics,

· integration of several offices of the customer company into a single network,

· control by the management of the customer company over the actions of network users. In other words - remote administration,

· connecting all office computers to the Internet via one high-speed channel.

As a rule, the customer wants to implement everything, at least in a minimal version. The task of any network is to transmit data. And the network must perform this task with maximum speed.

Network size

The speed of data transfer depends, among other things, on the distance over which it needs to be transmitted. The next thing to discuss with the customer is the expected network size. Generally, LANs are divided into three categories according to their size:

· small networks (from 2 to 30 machines),

· medium networks (30-100 machines),

· large networks (100-500 machines).

Cost of work

One of the most important points for a system integrator when preparing a project is its cost.

Before drawing up the technical specifications, you can talk about the estimated cost of the project. After this, a work estimate is drawn up and the final agreement is signed between the customer and the system integrator. The estimate specifies the specific cost of the necessary equipment, the cost of labor and, sometimes, the cost of the tools needed to install and test the network.

As a rule, the following approaches to the distribution of funds on the part of the customer are found:

· no limits. The customer is ready to pay all necessary expenses,

· with restrictions. There is an upper limit on the funds that the customer is willing to allocate to create a network, and within these limits the system integrator can make any expenses,

· negotiable. Each item in the estimate is agreed with the customer.

Each of these approaches has its pros and cons. The first approach is bad if there is excessive waste of funds and threatens misunderstanding on the part of the customer. This may even lead to the customer refusing the services of the integrator. The second approach is good when the customer’s goal coincides with the funds allocated for it, that is, it does not require super-performance for little money. The third approach is bad if the customer does not have competent specialists and is of great benefit if the customer does have such specialists.

At this stage of the project, the main task of the integrator is to agree with the customer on the cost of the work of creating the network. This ends direct work with the customer and begins the design of the network.

3.2. Network design

Architecture selection

At this stage, the system integrator must design the network architecture (topology). The mixed type is the most correct choice, but in most cases the star topology is still used. The main advantage of this type, and at the same time its main disadvantage, is centralization. If the central link fails, it is easier to replace it, but during that time the entire network does not work.

Let's consider several of the most common cases of topology depending on the geographical location of machines and their functions:

· the network is small in size and does not have distinct servers. In this case, as a rule, the star topology is used and the ring type is very rarely used,

· there are few machines in the network, but they are distributed over a large area (regardless of their functions). It is recommended to use a hub located approximately halfway between the machines,

· a medium-sized network does not have distinct servers. In this case, all machines are connected through one or more hubs, connected either through a central hub (star) or in series (bus),

· a medium-sized network has distinct servers (database servers, file servers, WWW). There are several ways to proceed here: either allocate all servers into a separate group and connect them to a reliable hub, thereby achieving centralization of computing resources in one place, or assign each server a hub, thereby reducing the load on one hub,

· large network located in one building. The star topology is most often used,

· large network located in several buildings. A high-performance central hub is used, to which all flows on the network go.

In each specific case, the choice of network architecture is purely individual and depends only on the knowledge and practical experience of the system integrator.

Scalability

The biggest problem, and not only for computer networks, is capacity, in other words throughput. The closest example is telephone networks, where the queue for a connection can last several years, even in cities.

Most often, capacity problems occur in small organizations where there is not enough money to create resources for subsequent network expansion.

3.3. Network installation

Equipment selection

The next stage of network construction is the selection of equipment. There are several recommendations here, which can be summarized as follows:

· the cable is chosen to be the same for the entire network (most often twisted pair cable of the 5th category is used),

· if there are vertical sections in the network, then you need to choose a specialized cable that has stiffeners,

· use shielded cable whenever possible, this reduces the possibility of packet loss over long sections of the network,

· in some cases, wireless networks should be considered,

· equipment should be selected based on price/quality ratio,

· the productivity of switching equipment must be higher than the productivity of machines.

Selecting an operating system

The choice depends entirely on the wishes of the customer and the recommendations and preferences of the system integrator. An operating system for workstations should be multifunctional and at the same time not be very demanding on the computer hardware. For servers, the main task is to combine unequal operating systems of workstations and provide a transport layer for a wide range of tasks: database processing, message transmission, management of distributed network resources.

3.4. Installation and configuration of software and delivery of the project

Installation of specialized software

At this stage, the system integrator installs all the software necessary for comfortable work for administrators and users. As a rule, there are several groups of specialized software:

· electronic document management systems,

· designer,

· design,

· monitoring utilities.

Final setup of the system

After installing all the necessary software, as a rule, final adjustment and testing of the system occurs. It should be noted that the system integrator does not have to configure the software that users will work with, it is only necessary to verify that all programs work.

At this stage, the system integrator must hand over the project to the customer. The customer must independently check the functionality of the system and only after this the system integrator can complete the contract. After this, the system integrator is not obliged to perform any actions other than those services that were specified in the contract.

CONCLUSION

During the project, the theoretical basis was described in detail and practical advice was given for deploying a local area network.

The first chapter is devoted to computer networks and contains concepts that form the information and theoretical basis of this topic:

· definition of networks,

· classification of networks,

· network architecture.

Next, switching media and network devices are discussed. Most computer networks use wires or cables to connect, which act as a medium for transmitting signals between computers. Three main groups of cables are described:

· coaxial cable,

· twisted pair,

· fiber optic cable.

The wireless data transmission medium is also touched upon and a brief description of network adapters is given.

The third chapter directly reveals the topic of the course project. The main nuances of creating a network are described step by step: from preliminary work with the customer to delivery of the finished project.


Tickets ais

1. Administration. Correlation between system and network administration

2. Administration. Network Administration

3. Administration. System Administration

4. Administration. IT service management. Problems and prospects

5. ITSM, Issues to be resolved, need to use

6. ITIL, communication with ITSM

7. ITIL benefits and possible problems

8. ITIL Library Books

9. ITIL, service delivery

10. ITIL, service support

11. Other ITIL books. Certification

12. Standards, theories and methodologies

13. ITPM, composition, differences

14. ITPM for enterprises. IRM – a conductor of ideas ITPM

15. Tivoli Enterprise architecture

16. TMF (Tivoli Management Framework)

17. Tivoli. Basic management disciplines and management applications. Software Deployment

18. Tivoli. Basic management disciplines and management applications. Ensuring availability of networks and systems

19. Tivoli. Basic management disciplines and management applications. Process automation. Security of information resources

20. Tivoli. Service Desk (3 applications)

21. Tivoli. Information Infrastructure Management (GEM), Application Management

  1. Administration. Correlation between system and network administration


The history of system administration goes back several decades. Due to the dominant host-terminal architecture in the 1980s, the organization of administrative software was also centralized. In the 90s, the rapid spread of the client-server architecture led to dramatic changes: instead of monitoring a homogeneous environment, the administrator needed to solve many problems: accounting for resource distribution, license control, load redistribution, etc.

From the point of view of the tasks being solved, when mainframes predominated, their administration could be classified as system administration. With the advent of distributed architecture, management tasks were limited to overseeing the functioning of individual components. System administration includes:

    Solving problem situations

    Resource management

    Configuration management

    Performance monitoring

    Data management

Network administration arose when administrators gained the ability to manage a view of the entire network. For some time, network administration was regarded as the main concern of IS administrators, which did not quite match the logic of how a corporate information system (CIS) functions, because the network serves only as infrastructure. Network administration includes:

    Monitoring the operation of network equipment

    Managing the functioning of networks as a whole

When the number of distributed applications exceeded a certain threshold, the process of integrating system and network administration became inevitable. Network administration began to be viewed as a component of system administration, and the network as one of the managed resources.

  2. Administration. Network administration

Administration is a set of management procedures that regulate certain processes or parts of them. These processes include work planning and the construction, operation and support of an effective IT infrastructure integrated into the overall architecture of the information system. The purpose of administration is to achieve operating parameters for the IS that meet the needs of users.

Network administration includes:

    Monitoring the operation of network equipment: monitoring individual network devices, setting up and changing their configuration, and troubleshooting. This is also called reactive control.

    Managing the functioning of networks as a whole: monitoring network traffic, identifying trends and analyzing events to prevent network problems proactively. It uses a single view of the network to make changes to the network, account for network resources, manage IP addresses, and filter packets. This is also called preventive administration.

The most common architecture is manager-agent. The manager runs on the management console and constantly interacts with agents on network devices. Agents collect local data about the operating parameters of a network device.

Currently, a three-level scheme is used: part of the control is delegated to the most important network nodes. Manager programs are installed on these nodes; through their own network of agents they control the operation of devices, and they themselves act as agents of the central manager. Local and central managers interact only when necessary.

The network software industry is divided into three parts:

    Network Management Platforms

    Control applications from network hardware manufacturers

    Third party software aimed at solving narrow network administration tasks

Course project

Administration of a computer network using the example of an STC LAN

Introduction

Computer network management is the performance of the many functions necessary for the control, planning, allocation, implementation, coordination and monitoring of computer network resources. As a rule, this term is applied to large-scale computer networks and communication networks, denoting the maintenance and administration of these networks at the top level. This is the main purpose of network administration.

Computer network management includes functions such as initial network planning, frequency allocation, pre-determining traffic routes to support load balancing, cryptographic key distribution, configuration management, fault tolerance, security, performance and accounting information.

The purpose of the course project is to create an electronic reference book on the topic “Administering a computer network using the example of the local area network of Solikamsk College of Technology.” The following tasks follow from this goal:

· searching and systematizing information on the topic of the course project;

· review of programs for creating an electronic directory;

· familiarization with the program interface;

· compiling the structure of an electronic directory.

1. Theoretical part

1.1 Basic network administration functions

The International Organization for Standardization has described the FCAPS model, which reflects the key functions of network administration and management:

· (F) Fault Management

· (C) Configuration Management

· (A) Accounting Management / Network accounting

· (P) Performance Management

· (S) Security Management

The tasks of fault management are to detect and identify faults and failures in the network and to eliminate their consequences.

Configuration management consists of configuring network components, including their location, network addresses and identifiers, managing network operating system parameters, maintaining network layout: these functions are also used for naming objects.

Network accounting includes recording and managing the resources and devices used. This function operates on such concepts as usage time and resource fees.

Performance management provides real-time network performance statistics, minimizes congestion and bottlenecks, identifies emerging trends, and plans resources for future needs.

Security management includes access control, data integrity and logging. Its functions include authentication procedures, privilege checks, support for encryption keys and authority management. This group also includes important mechanisms for managing passwords, external access, and connections to other networks.

Certain sets of these functions are implemented to one degree or another in the products of developers of administration and management tools.

There are a large number of protocols that provide management of the network and network devices. The most famous among them are: SNMP, WMI, CMIP, WBEM, Common Information Model, Transaction Language 1, NETCONF and Java Management Extensions.

Some network management systems:

  • HP OpenView Network Node Manager (NNM);
  • IBM Tivoli Netview;
  • OpenNMS.

1.2 Responsibilities of the system administrator


To perform the functions assigned to him, the network administrator carries out the following duties:

· Supports the uninterrupted functioning of the local computer network.

· Provides support for the functioning of computer network databases.

· Ensures the integrity of data, protects it from unauthorized access, regulates the access rights of network users to computer network resources.

· Fulfills established requirements for backup of computer network data.

· Uses standard and special means of registration and accounting of access to computer network information.

· Applies optimal programming methods in order to make full use of the tools and capabilities of computer technology.

· Maintains logs necessary for the normal functioning of a computer network.

· Conducts training for computer network users.

· Determines the possibility of using ready-made programs released by other organizations and implements them.

· Participates in the development of initial data and setting tasks for modernizing a computer network.

· At the approval stage, reviews project documentation for improving access control systems for compliance with the requirements of governing documents and technical specifications, and, if necessary, makes appropriate adjustments.

· Ensures information security of a computer network.

· Develops rules for operating a computer network, determines the authority of computer network users to access computer network resources, provides administrative support (setup, control and prompt response to incoming signals of violations of established access rules, analysis of security event logs, etc.).

· Participates in the development of technology for ensuring information security of the Employer, which provides for the procedure for interaction between the Employer's divisions on issues of ensuring security during the operation of a computer network and upgrading its software and hardware.

· Prevents unauthorized modifications of software, addition of new functions, unauthorized access to information, equipment and other shared resources of the computer network.

· Provides support and, if necessary, modification of implemented information security software.

· Develops programs for information security of computer networks and network applications.

· Develops ways and methods of organizing access of computer network users to computer network resources.

· Informs employees of the organization about vulnerabilities of the computer network, possible ways of unauthorized access and impact on the computer network, known computer viruses.

1.3 System planning

Before installing the system, you need to know the answers to the following questions:

· What information processing tasks does the information system solve?

· How many and what kind of computers are used in the information system?

· How is the network built (topology, routing, etc.)?

· What is the security policy in the information system? etc.

Acceptance criteria for new systems must be specified and appropriate testing carried out prior to acceptance. To do this, the following points are considered:

· requirements for the performance and load capacity of computers;

· preparing procedures for restoring and restarting systems after failures, as well as action plans in extreme situations;

· preparing and testing daily operating procedures in accordance with specified standards;

· an indication that the installation of a new system will not have detrimental effects on functioning systems, especially at times of peak processor load (for example, at the end of the month);

· training staff to use new systems.

1.4 Remote administration programs

Remote administration programs are programs or operating system functions that allow you to gain remote access to a computer via the Internet or a LAN and to control and administer the remote computer in real time. They provide almost complete control over a remote computer: they make it possible to control the computer’s desktop remotely, copy or delete files, launch applications, etc.

There are many implementations of remote administration programs. They differ in the interface and protocols used. The interface can be visual or console. Some of the most popular and widespread programs are, for example, the Windows Remote Desktop Services component with the Remote Desktop Connection client, Radmin, DameWare, PuTTY, VNC, UltraVNC, Apple Remote Desktop, Hamachi, TeamViewer, Remote Office Manager, etc.

Remote administration protocols are used to transmit administration commands and display the screen: RDP, VNC, X11, Telnet, Rlogin, RFB, ARD, ICA, ALP and proprietary ones. To encrypt traffic in remote administration programs, SSH, SSL, TLS and other protocols are used.

1.5 Tasks and goals of network administration

Modern corporate information systems by their nature are always distributed systems. User workstations, application servers, database servers and other network nodes are distributed over a large area. In a large company, offices and sites are connected by various types of communications using various technologies and network devices. The main task of a network administrator is to ensure reliable, uninterrupted, productive and secure operation of this entire complex system.

A network is a set of software, hardware and communication tools that ensure efficient distribution of computing resources. All networks are divided into 3 categories:

· local networks (LAN, Local Area Network);

· global networks (WAN, Wide Area Network);

· city networks (MAN, Metropolitan Area Network).

Global networks make it possible to organize interaction between subscribers over long distances. These networks operate at relatively low speeds and can introduce significant delays in the transmission of information. The length of global networks can be thousands of kilometers. Therefore, they are in one way or another integrated with national networks.

Urban networks allow interaction across smaller areas and operate at medium to high speeds. They slow down data transmission less than global ones, but cannot provide high-speed interaction over long distances. The length of urban networks ranges from several kilometers to tens and hundreds of kilometers.

Local networks provide the highest speed of information exchange between computers. A typical local network occupies the space of one building. The length of local networks is about one kilometer. Their main purpose is to bring users (usually from the same company or organization) together to work together.

Data transmission mechanisms in local and global networks are significantly different. Global networks are connection-oriented - before data transmission begins, a connection (session) is established between subscribers. In local networks, methods are used that do not require prior establishment of a connection - a data packet is sent without confirming the recipient’s readiness for exchange.

In addition to the difference in data transfer speed, there are other differences between these categories of networks. In local networks, each computer has a network adapter that connects it to the transmission medium. Metropolitan networks contain active switching devices, and wide area networks typically consist of groups of powerful packet routers connected by communication links. Additionally, networks can be private or public networks.

The network infrastructure is built from various components, which can be divided into the following levels:

· cable system and communications;

· active network equipment;

· network protocols;

· network services;

· network applications.

Each of these levels may consist of various sublevels and components. For example, cable systems can be built on the basis of coaxial cable (“thick” or “thin”), twisted pair (shielded and unshielded), or optical fiber. Active network equipment includes such types of devices as repeaters, bridges, hubs, switches and routers. A corporate network can use a rich set of network protocols: TCP/IP, SPX/IPX, NetBEUI, AppleTalk, etc.

The basis of the network is the so-called network services (or services). The basic set of network services of any corporate network consists of the following services:

1. network infrastructure services DNS, DHCP, WINS;

2. file and print services;

3. directory services (such as Novell NDS, MS Active Directory);

4. messaging services;

5. database access services.

The highest level of network functioning is network applications.

The network allows a wide variety of computer systems to easily communicate with each other thanks to standardized data transfer methods, which allow you to hide from the user the whole variety of networks and machines.

All devices operating on the same network must communicate in the same language - transmit data in accordance with a well-known algorithm in a format that will be understood by other devices. Standards are a key factor when connecting networks.

For a more rigorous description of network operation, special models have been developed. The currently accepted models are the OSI (Open System Interconnection) model and the TCP/IP model (or DARPA). Both models will be discussed in this section below.

Before defining the tasks of network administration in a complex distributed corporate network, we will formulate a definition of the term “corporate network” (CN). The word "corporation" means an association of enterprises operating under centralized control and solving common problems. The corporation is a complex, multidisciplinary structure and, as a result, has a distributed hierarchical management system. In addition, the enterprises, branches and administrative offices included in the corporation are usually located at a sufficient distance from each other. For centralized management of such an association of enterprises, a corporate network is used.

The main task of the CN is to ensure the transfer of information between the various applications used in the organization. An application is software that the user needs directly, such as an accounting program, a word processor or email. A corporate network allows applications, often located in geographically different areas, to communicate and to be accessed by remote users. Fig. 1.1 shows a generalized functional diagram of a corporate network.

Interconnected local networks are an obligatory component of a corporate network.

In general, a CN consists of various departments united by communication networks. These can be wide area (WAN) or metropolitan (MAN) networks.

Fig. 1.1. Generalized CN scheme

Network administration tasks in a complex distributed network:

Network planning.

Although the planning and installation of large networks is usually carried out by specialized integrator companies, the network administrator often has to plan certain changes in the network structure: adding new workstations, adding or removing network protocols, adding or removing network services, installing servers, splitting the network into segments, etc. This work must be carefully planned so that devices, nodes or protocols are added to or removed from the network without compromising the integrity of the network, degrading performance, or disrupting the infrastructure of network protocols, services and applications.

1. Installation and configuration of network nodes (active network equipment devices, personal computers, servers, communications media).

This work may include replacing the network adapter in a PC and adjusting the computer settings accordingly, moving a network node (PC, server, active equipment) to another subnet with the corresponding changes to the node's network parameters, and adding or replacing a network printer with the corresponding configuration of workstations.

2. Installation and configuration of network protocols.

This task includes planning and configuring the basic network protocols of the corporate network, testing the operation of network protocols, and determining optimal protocol configurations.

3. Installing and configuring network services.

A corporate network may contain a large set of network services. Let us briefly list the main tasks of administering network services:

· installation and configuration of network infrastructure services (DNS, DHCP, WINS services, routing services, remote access and virtual private networks);

· installing and configuring file and print services, which now make up a significant portion of all network services;

· directory services administration (Novell NDS, Microsoft Active Directory), which form the basis of the corporate security system and access control to network resources;

· administration of messaging services (e-mail systems);

· administration of database access services.

4. Troubleshooting.

A network administrator must be able to detect a wide range of faults - from a faulty network adapter on a user's workstation to failures of individual ports on switches and routers, as well as incorrect settings of network protocols and services.

5. Finding network bottlenecks and improving network efficiency.

The task of network administration includes analyzing the operation of the network and identifying the bottlenecks that require either replacing network equipment, upgrading workstations, or changing the configuration of individual network segments.

6. Monitoring network nodes.

Monitoring network nodes includes monitoring the functioning of network nodes and the correct performance of the functions assigned to these nodes.

7. Network traffic monitoring.

Monitoring network traffic allows you to detect and eliminate various types of problems: high load on individual network segments, excessive load on individual network devices, failures in the operation of network adapters or ports of network devices, unwanted activity or attacks by intruders (spread of viruses, hacker attacks, etc.).

8. Ensuring data protection.

Data protection includes a large set of different tasks: data backup and recovery, development and implementation of security policies for user accounts and network services (requirements for password complexity, frequency of password changes), building secure communications (using the IPSec protocol, building virtual private networks, wireless network security), and planning, implementing and maintaining a public key infrastructure (PKI).

1.6 Security Administration

Security administration includes the dissemination of information necessary for the operation of security services and mechanisms, as well as the collection and analysis of information about their functioning. Examples include distributing cryptographic keys, setting security parameters, maintaining a log, etc.

The conceptual basis of administration is the security management information base. The database may not exist as a single (distributed) storage, but each of the end systems must have the information necessary to implement the selected security policy.

According to the X.800 recommendations, the efforts of the security administrator should be distributed in three areas: administration of the information system as a whole; administration of security services; administration of security mechanisms.

Among the actions that concern the information system as a whole, we note keeping the security policy up to date, interaction with other administrative services, responding to ongoing events, auditing and secure recovery.

Administration of security services includes identifying protected objects, developing rules for selecting security mechanisms (if alternatives are available), combining mechanisms for implementing services, and interacting with other administrators to ensure coordinated operation.

The responsibilities of the security mechanism administrator are determined by the list of mechanisms involved. A typical list is:

· key management (generation and distribution);

· encryption management (installation and synchronization of crypto parameters);

· access control administration (distribution of information necessary for management: passwords, access lists, etc.);

· authentication management (distribution of information necessary for authentication: passwords, keys, etc.);

· traffic padding control (development and maintenance of rules that specify the characteristics of padding messages: frequency of sending, size, etc.);

· routing control (highlighting trusted paths);

· notarization management (dissemination of information about notary services, administration of these services).

Thus, the administration of security features in a distributed IS has many peculiarities compared with centralized systems.

1.7 Malware protection

Automatic updates. Modern operating systems are very complex software products, and hackers sometimes manage to find vulnerabilities in them that allow them to gain control of the computer. When Microsoft programmers become aware of this, a system update is released immediately to eliminate the vulnerability. Updating Windows 7 in a timely manner will protect you from hacking that uses any of the known vulnerabilities.

Defender is not just a system scanner like other similar free programs. It includes a number of security modules that monitor suspicious changes in certain segments of the system in real time. The program also allows you to quickly remove installed ActiveX applications. Through access to the Microsoft SpyNet network, messages about suspicious objects can be sent to Microsoft to determine whether they may be spyware.

Handling and protecting storage media

To use the external media usage control mode in Windows 7, the administrator must use group (local) policies. Using group policies, an administrator can specify specific devices that are allowed to be used on a given computer. This can be done in several ways:

1) Access via device ID

Let’s assume that an employee has been issued flash drive A by order, but he can bring another flash drive B from home. Using group policies in Windows 7, you can make sure that flash drive A works, while on connecting flash drive B the employee receives a notification that he is violating the security policy.

2) Encryption of removable storage media

Encrypting removable media in Windows 7 can be done in several ways. The easiest way is to encrypt the USB drive if it is formatted as NTFS. In this case, encryption is carried out similarly to hard disk encryption. However, some of the encryption Group Policy rules can be used specifically to manage removable media. For example, by using the “Provide the unique identifiers for your organization” rule, you can specify a unique organization name and then use this field to manage removable media.

3) Deny write access to removable drives not protected by BitLocker

With this policy rule, you can prevent writing to removable drives that are not protected by BitLocker. In this case, all removable drives that are not protected by BitLocker will be read-only. If the “Deny write access to devices configured in another organization” option is selected, then writing will only be available on removable disks belonging to your organization. The check is performed using two identification fields defined according to the group policy rule “Provide the unique identifiers for your organization”.
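The three policy options above can be read as one decision procedure applied to every drive that is plugged in. The following Python model is an added example, not Windows code and not part of the original text: the class and field names, device IDs and organization identifiers are constructed, and treating the two identification fields as "own identifier" plus "further accepted identifiers" is an assumption of the model.

```python
from dataclasses import dataclass
from enum import Enum


class Access(Enum):
    BLOCKED = "blocked"
    READ_ONLY = "read-only"
    READ_WRITE = "read-write"


@dataclass(frozen=True)
class Policy:
    """Hypothetical model of the three Group Policy options described in the text."""
    allowed_device_ids: frozenset = frozenset()  # 1) empty set = no device ID restriction
    deny_write_without_bitlocker: bool = False   # 3) unprotected drives become read-only
    deny_write_other_org: bool = False           # 3) sub-option: other organizations' drives
    org_id: str = ""                             # 2) identification field of the organization
    accepted_org_ids: frozenset = frozenset()    # 2) second field: further accepted identifiers


@dataclass(frozen=True)
class Drive:
    label: str
    device_id: str
    bitlocker: bool = False
    org_id: str = ""  # identifier stamped on the drive when it was encrypted


def evaluate(policy, drive):
    """Return (Access, reason) for one removable drive under one policy."""
    if policy.allowed_device_ids:
        # Device IDs are compared case-insensitively in this model.
        allowed = {d.upper() for d in policy.allowed_device_ids}
        if drive.device_id.upper() not in allowed:
            return Access.BLOCKED, "device ID is not on the allow-list"
    if policy.deny_write_without_bitlocker:
        if not drive.bitlocker:
            return Access.READ_ONLY, "drive is not protected by BitLocker"
        if policy.deny_write_other_org:
            # Fail closed: with no identifier configured, no drive counts as "ours".
            trusted = ({policy.org_id} | set(policy.accepted_org_ids)) - {""}
            if drive.org_id not in trusted:
                return Access.READ_ONLY, "drive was configured in another organization"
    return Access.READ_WRITE, "no rule restricts this drive"


def report(policy, drives):
    """Map each drive label to the access it would get under the policy."""
    return {d.label: evaluate(policy, d)[0].value for d in drives}


# Constructed sample data: device IDs and organization identifiers are made up.
ISSUED_A = r"USBSTOR\DISK&VEN_EXAMPLE&PROD_A"
ISSUED_C = r"USBSTOR\DISK&VEN_EXAMPLE&PROD_C"
ISSUED_D = r"USBSTOR\DISK&VEN_EXAMPLE&PROD_D"
DRIVES = [
    Drive("A: issued, encrypted by us", ISSUED_A, bitlocker=True, org_id="EXAMPLE-ORG"),
    Drive("B: brought from home", r"USBSTOR\DISK&VEN_OTHER&PROD_B"),
    Drive("C: issued, never encrypted", ISSUED_C),
    Drive("D: issued, encrypted elsewhere", ISSUED_D, bitlocker=True, org_id="PARTNER"),
]

WEAK = Policy()  # nothing configured: every drive is writable
HARDENED = Policy(
    allowed_device_ids=frozenset({ISSUED_A, ISSUED_C, ISSUED_D}),
    deny_write_without_bitlocker=True,
    deny_write_other_org=True,
    org_id="EXAMPLE-ORG",
)

if __name__ == "__main__":
    for name, policy in (("weak", WEAK), ("hardened", HARDENED)):
        print(name)
        for d in DRIVES:
            access, reason = evaluate(policy, d)
            print(f"  {d.label:32} {access.value:10} {reason}")
```

Running the two policies side by side shows why the rules are combined: the device ID allow-list alone would still let the unencrypted issued drive C and the partner-encrypted drive D be written to.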

1.8 Control of protective equipment

The concept of computer data protection includes both the development and implementation of appropriate protection methods and their constant use. The implementation of data protection begins with the order of the manager and ends with the practical application of protection methods. The need for information protection is determined by the centralization of the processing of economic information in shared computing centers, easier access to data thanks to means of communication with more powerful computers and stricter state regulations on secrecy, as well as market relations in business when there is a need to preserve trade secrets.

The functioning of the ASOI is based on the creation of information banks. Communication means make this data available to everyone who has access to a common telephone line. The ever-increasing concentration of data, coupled with its accessibility through communication lines, increases the need for information protection, and given that businesses strive to maintain trade secrets, data protection is extremely necessary.

Powerful computers create conditions for the growth of unauthorized access to computer resources and allow complex information processing procedures to be performed. For example, the use of database management system query languages makes it possible to accomplish activities in minutes that would take months to design, code, implement, test, and process information without a database.

The creation of a democratic legal state determines the need to guarantee the rights of personal integrity when processing information on a computer about personal life, correspondence, family income, etc.

To carry out preventive functions of financial and economic control and audit, data protection allows you to avoid abuse by persons who have access to computer databases. Practice shows that in the conditions of AIS, theft of valuables is carried out with the participation of accountants and employees of computer centers who process economic information.

The main goal of protecting computer data is to prevent phenomena that negatively affect business results.

Destruction of information - unauthorized destruction of information resources to conceal the facts of theft of valuables. This applies to accounting and economic information on settlements with enterprise employees, suppliers, the use of material assets, funds, etc.

Data theft - theft of information from a computer can be carried out without destroying databases. In particular, such information includes codes of an enterprise employee, inventory items, and production operations. Having these codes at the stage of preparing data and processing them on a computer, dishonest persons can inflate the earnings of individual workers, write off precious metals and scarce materials as production costs, and thus create surpluses for their subsequent theft.

Changing data - deliberate distortion of data - includes erasing and replacing records, using incorrect codes in accounting for cash and material assets, etc. For example, the personnel number of a dismissed employee is kept in the database and used to calculate wages for a fictitious person, with the money subsequently transferred to a special account in Sberbank.

Incorrect use of automated control systems - technical means and computer resources are often used to process information for other enterprises on a so-called cooperative basis, when employees of a computer center personally receive payment for payroll services and for accounting of material assets and funds, bypassing the enterprise that owns the computer equipment. As a result, depreciation of computers and other technical equipment, maintenance of premises, and energy costs are not compensated to the owner of the computer center.

Data protection is carried out by a special official, the information protection administrator. This official's functions include ensuring physical and logical protection of information resources. Physical protection covers technical means, the computer room, communication lines and remote terminals; logical protection concerns the data itself, as well as application programs and operating system software.

The functions of a special administrator include responsibility for data confidentiality. Without personal responsibility, it is difficult to introduce, implement and control an information security program, which includes: employee responsibility for the safety of information files; bringing cases of data protection violations to the attention of management; fight against file protection violators. Technical security measures are used by the security administrator to protect both the computing installations themselves and the data or programs within these installations.

Data protection software is used in real-time computer conditions using special programs. Security measures can be built into system software packages and application systems. In addition, by identifying specific needs, the remedies that best address those problems can be selected.

A data protection verification program is compiled by simulating, using tests, different options for distorting or stealing data for the purpose of committing illegal actions. Although data security testing cannot cover every possible abuse, testing is still the most radical means of creating and operating data security testing programs.
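The falsification described above, wages accrued under the personnel number of a dismissed employee, is the kind of distortion a data protection verification program plants in test data and then has to detect. The following Python example is added here and is not part of the original text: table names, columns, amounts and account labels are constructed, and the third check (one account paid under several personnel numbers) goes slightly beyond the case in the text.

```python
import sqlite3

# Constructed sample data: an HR register and a payroll ledger.
EMPLOYEES = [
    # personnel_no, name, dismissed (ISO date or None)
    (1001, "Ivanova", None),
    (1002, "Petrov", "2009-03-15"),
    (1003, "Sidorov", None),
]
PAYROLL = [
    # entry_id, personnel_no, period (YYYY-MM), amount, account
    (1, 1001, "2009-03", 21000, "ACC-A"),
    (2, 1002, "2009-03", 9500, "ACC-B"),   # final pay in the dismissal month: legitimate
    (3, 1003, "2009-03", 18000, "ACC-C"),
    (4, 1001, "2009-04", 21000, "ACC-A"),
    (5, 1002, "2009-04", 19000, "ACC-X"),  # planted: pay accrued after dismissal
    (6, 1003, "2009-04", 18000, "ACC-C"),
    (7, 1002, "2009-05", 19000, "ACC-X"),  # planted: pay accrued after dismissal
    (8, 1999, "2009-05", 15000, "ACC-X"),  # planted: code absent from the HR register
]


def build_db():
    """Load the constructed register and ledger into an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE employees (personnel_no INTEGER PRIMARY KEY, name TEXT, dismissed TEXT);
        CREATE TABLE payroll (entry_id INTEGER PRIMARY KEY, personnel_no INTEGER,
                              period TEXT, amount INTEGER, account TEXT);
    """)
    conn.executemany("INSERT INTO employees VALUES (?, ?, ?)", EMPLOYEES)
    conn.executemany("INSERT INTO payroll VALUES (?, ?, ?, ?, ?)", PAYROLL)
    return conn


# Each check returns the ledger entries an auditor should examine.
CHECKS = {
    # Pay periods later than the month in which the employee was dismissed.
    "paid_after_dismissal": """
        SELECT p.entry_id FROM payroll p
        JOIN employees e ON e.personnel_no = p.personnel_no
        WHERE e.dismissed IS NOT NULL AND p.period > substr(e.dismissed, 1, 7)
        ORDER BY p.entry_id""",
    # Personnel numbers that do not exist in the HR register at all.
    "unknown_personnel_no": """
        SELECT p.entry_id FROM payroll p
        LEFT JOIN employees e ON e.personnel_no = p.personnel_no
        WHERE e.personnel_no IS NULL
        ORDER BY p.entry_id""",
    # One bank account receiving pay under more than one personnel number.
    "account_shared_by_codes": """
        SELECT p.entry_id FROM payroll p
        WHERE p.account IN (SELECT account FROM payroll
                            GROUP BY account
                            HAVING COUNT(DISTINCT personnel_no) > 1)
        ORDER BY p.entry_id""",
}


def audit_payroll(conn):
    """Run every check and return {check name: [entry_id, ...]}."""
    return {name: [row[0] for row in conn.execute(sql)] for name, sql in CHECKS.items()}


def flagged_entries(findings):
    """Union of all entries flagged by at least one check."""
    return sorted({entry for entries in findings.values() for entry in entries})


if __name__ == "__main__":
    findings = audit_payroll(build_db())
    for name, entries in findings.items():
        print(f"{name}: entries {entries}")
    print("all flagged:", flagged_entries(findings))
```

The checks compare the payroll ledger against a register maintained independently of it, which is what makes the planted records visible; a ledger reconciled only against itself would show nothing unusual.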

The auditor and auditor of the present and future generations are not similar to their predecessors. Both the function of a documentary auditor and the idea of him are rapidly changing with changes in the concepts of managing the national economy and the role of financial and economic control in it. Therefore, the methodology for data protection in AIS will be constantly improved as new generations of computers are identified and data management systems develop.

Consequently, control over the protection of computer data creates the necessary prerequisites for avoiding distortion of information at the stages of preparation, processing and storage in order to prevent abuse by employees and ensure the safety of valuables.

.9 Programs for creating an electronic directory

The more reference material a user has at his disposal, the more relaxed he should feel. But the abundance of materials gives rise to another problem: how to provide the user with quick and convenient access to a specific topic, a specific term, etc. The creation of electronic documentation has been based on hypertext technology for a long time. One of its most important advantages is the presence of interactive links that allow the reader to move between topics in almost any order. “Almost” because in fact the possible transitions are determined by the navigation structure of the document proposed by its creator. In addition, certain features in working with a document are determined by the specifics of a particular hypertext format. Currently, about a dozen different formats are used to create hypertext documents, including PDF (Portable Document Format), RTF (Rich Text Format), DOC (Document Word) and WinHelp (Windows Help), as well as a whole family of hypertext markup languages, the most popular of which HTML (Hypertext Markup Language) and XML (eXtensible Markup Language) can be considered. The specialized CHM (Compiled HTML) format should also be added here. However, not all existing formats are suitable for creating directories. The reasons are different: some formats do not provide an acceptable compactness of the final document, others do not have sufficient functionality and expressiveness, and others require the installation of additional (and expensive) software on users’ computers.

Fig. 1.2. PDF Help File

Access to the directory can be implemented in several ways. The most common of these is an explicit call through the corresponding help menu command, but it is also possible to use a special button on the toolbar or call through the context menu of the icon of a specific object. So, in order for an electronic document format to be suitable for creating a directory, it (the format) must have the following properties:

· ensure acceptable compactness of the final document;

· have sufficient functionality (in particular, support full-text search);

· support the ability to present multimedia information (graphics, video, sound);

· do not require installation of additional software on users’ computers;

· integrate fairly easily with the program code of the application being created.

For applications developed under Windows, today three formats meet most of the requirements listed above: WinHelp, HTML, HTML Help (CHM).

In the time since the appearance of Help Workshop (and then HTML Help Workshop), third-party developers have offered many tools designed for creating reference books. However, all of them use engines from Help Workshop and HTML Help Workshop to generate output files (.hlp and .chm). In some products, only compilers of the corresponding formats are used, in others, the directory developer was given full access to the Help Workshop and HTML Help Workshop interface.

Thus, when it comes to choosing the most suitable tool, it makes sense to take into account the following factors:

· What directory output formats does it support?

· How fully does it use the opportunities that the directory format provides?

· How convenient are the tools for managing project parameters?

· Does the tool include tools for testing hypertext links?

· Does the tool allow you to work with source data formats (RTF for WinHelp and HTML for HTML Help)?

· How conveniently is interaction with the additional tools needed to prepare multimedia materials implemented?

· What is the degree (or possibility) of integration with the application development environment for which the reference book is being created?

When creating reference books in Russian, an important factor is also how correctly the tool works with Cyrillic (although the WinHelp and HTML Help formats themselves do not impose any restrictions in this regard.)

Help And Manual.

An evaluation version of the program is located on the website of the developer, EC Software, at www.helpandmanual.com. The evaluation version is operational for 14 days. There is one more limitation: when generating a reference book in HTML Help format, some hypertext links are replaced with links to the developer’s website.

Using this package, you can get a reference book in three formats: WinHelp, HTML Help and WebHelp (the developers of Help And Manual call it Browser Based Help). In addition, it is possible to export the reference book to a PDF file and to a Word text editor file (.doc or .rtf). Finally, the Help And Manual package is capable of creating electronic books. Such a book is very similar in appearance to a reference book in HTML Help format, but is a stand-alone Windows application (EXE file). The e-book format has one significant drawback: it is not very compact (but is quite suitable for distributing additional educational materials on CDs).

The Help And Manual package uses Microsoft compilers to generate reference books in WinHelp and HTML Help formats, but the directory developer does not have direct access to the Help Workshop and HTML Help Workshop interface.

It should be noted that the distribution includes the Help Workshop program, but HTML Help Workshop is supposed to be obtained from the EC Software website. If this tool is already installed on your computer, you should specify its location.

The Help And Manual package is able to decompile help files (.hlp and .chm) and create a new project based on them.

When creating a Russian-language directory in the WinHelp format, no additional settings are required. Before generating the CHM file, you must specify the language to use. Also, on the company’s website you can get a Russian dictionary that connects to Help And Manual to check the spelling of the text sections.

Mif2GO is not a standalone application, but a plug-in module that can only work in conjunction with the Adobe FrameMaker package. FrameMaker is a layout program aimed at creating large documents with a complex structure. It implements tools for automatic numbering of tables and illustrations, and for construction of a table of contents and indexes. In addition, it supports cross-referencing and hypertext links, allows you to link graphics to paragraphs of text, and much more. You can divide a document into chapters, assemble chapters into a book, and FrameMaker will automatically update page numbers and links no matter how pages, chapters, or sections are rearranged.

FrameMaker uses its own file format (.fm and .book) to store documents, but the program has tools that allow you to export files to PDF and HTML formats. It should also be noted that the FrameMaker program was originally created for the preparation of technical descriptions of weapon systems (in particular, aircraft), as well as the layout of texts that require frequent updates (which is software documentation).

The Mif2GO package was developed by Omni Systems and is distributed free of charge for certain categories of users (non-corporate technical writers, FrameMaker students, and some others). A demo version of the package is also available on the company's website (www.omsys.com). It is fully functional, except that when generating a reference book, individual fragments of text are randomly replaced with lines from Lewis Carroll's poem "Jabberwocky". Mif2GO allows you to create reference books in five formats: WinHelp, HTML Help, OmniHelp (Omni Systems' proprietary cross-platform help system format, similar to the WebHelp format), Oracle Help and JavaHelp. To generate output files in the listed formats, you must have the appropriate compilers on your computer, which are not included in the Mif2GO distribution and must be installed separately. In fact, no installation is required to connect Mif2GO to FrameMaker. It is enough to copy the files from the distribution kit to the folders specified in the installation instructions.

The Mif2GO program uses files in RTF and HTML formats as input data for creating WinHelp and HTML Help directories. However, before they can be derived from FrameMaker's own files (.fm and .book), they must go through a multi-step conversion process.

RoboHelp is a whole family of products manufactured by eHelp Corporation (www.ehelp.com). Three configuration options are available.

Enterprise. This option includes the only product, RoboHelp Enterprise, which allows you to create a help system in the same format. Its significant difference from all the formats discussed above is that it assumes the presence of a server and client part of the help system. Server software, based on Microsoft's IIS (Internet Information Server), allows you to track the user's actions while working with the help system. Thanks to this, the developer can obtain very valuable statistical data about the interests of users. The format of the client-side help is similar to that of WebHelp.

Professional. This option includes a set of tools under the general name RoboHelp Office. The set includes:

· RoboHelp HTML is an application designed for creating help systems based on the HTML language and allowing you to generate reference books in the formats WebHelp, Microsoft HTML Help, JavaHelp and Oracle Help for Java;

· RoboHelp Classic is an application specializing in the preparation of reference books in the WinHelp format, including the modified WinHelp 2000 format;

· RoboHelp Tools - additional service applications designed to make the work of the directory author easier (including Software Video Camera - an application that allows you to “record” an audio video about working with the application).

Standard. This is a lightweight version of RoboHelp Office, which includes three tools:

· RoboHelp for Microsoft HTML Help - an application for developing help systems in HTML Help format;

· RoboHelp for WinHelp - an application for developing help systems in the WinHelp format;

· RoboHelp for Word is an application that allows you to create reference books in all standard formats (WebHelp, Microsoft HTML Help, JavaHelp), but with one limitation: only Microsoft Word can be used as a section editor (including HTML files).

To work with source data formats (RTF - for WinHelp and HTML - for HTML Help), RoboHelp uses Microsoft Word by default, but to create directory sections it uses its own templates, which largely automate the editing process. Word cannot be considered an ideal tool for creating files in RTF and HTML formats because the output files contain redundant tags. But if there is no alternative to working with RTF, then to prepare sections in RoboHelp HTML, you can connect any HTML editor.

When developing with the RoboHelp HTML application, the Cyrillic alphabet may not be displayed correctly, because RoboHelp Office does not initially provide support for the Russian language. At the same time, RoboHelp practically does not change the parameters of an RTF file created in Word. Therefore, when generating a directory in the WinHelp format, language problems are quite rare. When creating a help system in HTML Help format, problems with the correct display of the Cyrillic alphabet (at the stage of reference development) are more likely. This problem can be solved in several ways, including by connecting an external HTML editor to RoboHelp HTML.

Introduction

Defining the network infrastructure

Network administration

Monitoring

Conclusion

List of used literature


In our age of computer technology, not a single company can do without the use of computers. And if there are several computers, then they are usually combined into a local area network (LAN).

A computer network is a system of interconnected computers, as well as possibly other devices called nodes (workstations) of the network. All computers on the network are connected to each other and can exchange information.

As a result of connecting computers into a network, the following opportunities arise:

· Increasing the speed of transmission of information messages.

· Fast exchange of information between users.

· Expanding the list of services provided to users by combining significant computing power with a wide range of different software and peripheral equipment into the network.

· Use of distributed resources (printers, scanners, CD-ROMs, etc.).

· Availability of structured information and effective search for the necessary data.

Networks provide enormous benefits that are unattainable when using computers separately. Among them:

Processor resource sharing. By sharing processor resources, it is possible to use computing power for simultaneous data processing by all stations included in the network.

Data sharing. Data sharing makes it possible to manage databases from any workstation that needs information.

Internet sharing. A LAN allows you to provide access to the Internet to all your clients using just one access channel.

Resource sharing. A LAN allows you to economically use expensive resources (printers, plotters, etc.) and access them from all connected workstations.

Multimedia capabilities. Modern high-speed technologies make it possible to transmit audio and video information in real time, which allows you to conduct video conferences and communicate over the network without leaving your workplace.

LANs have found wide application in computer-aided design and technological preparation systems, production control systems and technological complexes, office systems, on-board control systems, etc. LAN is an effective way to build complex control systems for various production departments.

Defining the Network Infrastructure

Network infrastructure is the set of physical and logical components that provide communications, security, routing, management, access, and other essential properties of a network.

Most often, the network infrastructure is determined by the project, but much is determined by external circumstances and “heredity”. For example, connecting to the Internet requires support for appropriate technologies, in particular the TCP/IP protocol. Other network parameters, such as the physical layout of the main elements, are determined during design and then inherited by later versions of the network.

The physical infrastructure of a network refers to its topology, that is, the physical structure of the network with all its equipment: cables, routers, switches, bridges, hubs, servers and nodes. Physical infrastructure also includes transport technologies: Ethernet, 802.11b, public switched telephone network (PSTN), ATM - together they define how communication occurs at the level of physical connections.

The logical network infrastructure consists of a variety of software elements that serve to connect, control and secure network nodes, and it provides communication between computers over the communication channels defined in the physical topology. Examples of logical network infrastructure elements include the Domain Name System (DNS), network protocols such as TCP/IP, network clients such as Client Service for NetWare, and network services such as the Quality of Service (QoS) Packet Scheduler.

Maintaining, administering and managing the logical infrastructure of an existing network requires in-depth knowledge of many network technologies. A network administrator, even in a small organization, must be able to create various types of network connections, install and configure the necessary network protocols, know manual and automatic addressing methods and name resolution methods, and finally troubleshoot communications, addressing, access, security, and name resolution problems. In medium and large networks, administrators have more complex tasks: setting up remote access via dial-up and virtual private networks (VPN); creating, configuring, and troubleshooting interfaces and routing tables; creating, maintaining and troubleshooting a public key-based security subsystem; maintenance of mixed networks with different operating systems, including Microsoft Windows, UNIX and Novell NetWare.

Network administration.

Modern corporate information systems by their nature are always distributed systems. User workstations, application servers, database servers and other network nodes are distributed over a large area. In a large company, offices and sites are connected by various types of communications using various technologies and network devices. The main task of a network administrator is to ensure reliable, uninterrupted, productive and secure operation of this entire complex system.

We will consider the network as a set of software, hardware and communication tools that ensure the efficient distribution of computing resources. All networks can be divided into 3 categories:

· local networks (LAN, Local Area Network);

· global networks (WAN, Wide Area Network);

· city networks (MAN, Metropolitan Area Network).

Global networks make it possible to organize interaction between subscribers over long distances. These networks operate at relatively low speeds and can introduce significant delays in the transmission of information. The length of global networks can be thousands of kilometers. Therefore, they are integrated in one way or another with national networks.

Urban networks allow interaction across smaller areas and operate at medium to high speeds. They slow down data transmission less than global ones, but cannot provide high-speed interaction over long distances. The length of urban networks ranges from several kilometers to tens and hundreds of kilometers.

Local networks provide the highest speed of information exchange between computers. A typical local network occupies the space of one building. The length of local networks is about one kilometer. Their main purpose is to bring users (usually from the same company or organization) together to work together.

Data transmission mechanisms in local and global networks are significantly different. Global networks are connection-oriented - before data transmission begins, a connection (session) is established between subscribers. In local networks, methods are used that do not require prior establishment of a connection - a data packet is sent without confirming the recipient’s readiness for exchange.

In addition to the difference in data transfer speed, there are other differences between these categories of networks. In local networks, each computer has a network adapter that connects it to the transmission medium. Metropolitan networks contain active switching devices, and wide area networks typically consist of groups of powerful packet routers connected by communication links. Additionally, networks can be private or public networks.

The network infrastructure is built from various components, which can be divided into the following levels:

1. cable system and communications;

2. active network equipment;

3. network protocols;

4. network services;

5. network applications.

Each of these levels may consist of various sublevels and components. For example, cabling systems can be built on the basis of coaxial cable ("thick" or "thin"), twisted pair (shielded and unshielded), or fiber optics. Active network equipment includes devices such as repeaters, bridges, hubs, switches and routers. A rich set of network protocols can be used in a corporate network: TCP/IP, SPX/IPX, NetBEUI, AppleTalk, etc.

The basis of the network is the so-called network services (or services). The basic set of network services of any corporate network consists of the following services:

· Network infrastructure services (DNS, DHCP, WINS);

· File and print services;

· Directory services (for example, Novell NDS, MS Active Directory);

· Messaging services;

· Database access services.

The highest level of network functioning is network applications.

The network allows a variety of types of computer systems to easily interact with each other thanks to standardized data transfer methods that make it possible to hide the variety of networks and machines from the user.

All devices operating on the same network must communicate in the same language - transmit data in accordance with a well-known algorithm in a format that will be understood by other devices. Standards are a key factor when connecting networks.

A network administrator is a specialist responsible for the normal functioning and use of network resources. In more detail, the administration of information systems includes the following goals:
  • Network installation and configuration. Support for its continued performance.
  • Monitoring. System planning.
  • Installation and configuration of hardware devices.
  • Software installation.
  • Archiving (backup) information.
  • Creation and management of users.
  • Installation and control of protection.

Here is a summary of the job responsibilities of a network administrator:

  1. Installs network software on servers and workstations.
  2. Configures the system on the server.
  3. Provides software integration on file servers, database management system servers and workstations.
  4. Maintains the operating state of the server software.
  5. Registers users, assigns IDs and passwords.
  6. Trains users to work on the network and maintain archives; answers user questions related to working on the network; draws up instructions for working with network software and brings them to the attention of users.
  7. Controls the use of network resources.
  8. Organizes access to local and global networks.
  9. Sets restrictions for users on:
    • using a workstation or server;
    • time;
    • degree of resource use.
  10. Ensures timely copying and backup of data.
  11. Contacts technical personnel when faults in network equipment are detected.
  12. Participates in restoring system functionality in case of failures and failure of network equipment.
  13. Detects user and network software errors and restores system functionality.
  14. Monitors the network, develops proposals for the development of network infrastructure.
  15. Provides:
    • network security (protection against unauthorized access to information, viewing or changing system files and data);
    • Internet security.
  16. Prepares proposals for the modernization and acquisition of network equipment.
  17. Supervises the installation of equipment by specialists from third-party organizations.
  18. Informs his immediate supervisor about cases of network abuse and the measures taken.
  19. Maintains a log of system information and other technical documentation.
  20. ………………………………………………………………………………………………

User groups - what are they and why?

All network users are divided into groups according to their authority. Each group can be responsible for performing certain tasks. It is possible to define the rights of user groups in such a way that users have all the rights they need to perform their functions, but nothing more. Only one user - the network administrator (supervisor) - should have all rights. He has all rights, including the ability to create user groups and determine the rights they have.

Users can be members of several groups at the same time. You can, for example, create a new directory and allow access to it immediately for all network users. In this case, you will have to change access rights not for all users (there may be several dozen of them), but only for one group, which is much easier. It makes sense for each laboratory or department to create its own user group. If you have users who require additional rights (for example, access rights to certain directories or network printers), create appropriate user groups and grant them these rights.

If there are many workstations on the network that are located in different rooms and belong to different departments or laboratories, it makes sense to create a group of network administrators. The rights of multiple network administrators are determined by the system administrator. Network administrators should not be given full system administrator rights. It is quite enough if each department or laboratory has one or two administrators who have management rights only for users working in this department or laboratory. If a department or laboratory has a network printer or any other network resources, the administrator must have rights to manage these devices. However, there is absolutely no need for the administrator of one laboratory to be able to manage a network printer belonging to another laboratory. In this case, users must have the minimum access rights to the server disks necessary for normal operation.

Thus, it is obvious that the creation of user groups is relevant only in large computer networks. If the network is small, then one person can handle issues such as adding new users, access control to server disks, network printers and other network resources, and there is no point in creating groups of administrators and ordinary users.
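The group model described above (rights granted to groups, users belonging to several groups, laboratory administrators limited to their own laboratory) can be checked mechanically. The following is an added example, not part of the original text; every user, group, resource and right in it is constructed sample data.

```python
"""Least-privilege audit of a group-based rights model (constructed data)."""


def user_rights(dept):
    # Hypothetical template: what an ordinary member of a laboratory needs.
    return {(f"{dept}-share", "read"), (f"{dept}-share", "write"),
            (f"{dept}-printer", "print")}


def admin_rights(dept):
    # Hypothetical template: what a laboratory administrator may manage.
    return {(f"{dept}-share", "manage"), (f"{dept}-printer", "manage")}


# Resource -> laboratory that owns it.
RESOURCE_DEPT = {"lab1-share": "lab1", "lab1-printer": "lab1",
                 "lab2-share": "lab2", "lab2-printer": "lab2"}

# Rights are granted to groups only, never to individual users.
GROUP_GRANTS = {
    "lab1-users": user_rights("lab1"),
    "lab2-users": user_rights("lab2"),
    "lab1-admins": admin_rights("lab1"),
    # Deliberate misconfiguration: lab2 administrators manage lab1's printer.
    "lab2-admins": admin_rights("lab2") | {("lab1-printer", "manage")},
}

# Administrator groups and the one laboratory each is allowed to manage.
ADMIN_GROUP_DEPT = {"lab1-admins": "lab1", "lab2-admins": "lab2"}

# A user can be a member of several groups at the same time.
MEMBERSHIP = {
    "alice": {"lab1-users"},
    "bob": {"lab1-users", "lab1-admins"},
    "carol": {"lab2-users", "lab2-admins"},
    "dave": {"lab1-users", "lab2-users"},  # moved to lab2, never removed from lab1
}

# Rights each user needs for the job, as recorded by the system administrator.
REQUIRED = {
    "alice": user_rights("lab1"),
    "bob": user_rights("lab1") | admin_rights("lab1"),
    "carol": user_rights("lab2") | admin_rights("lab2"),
    "dave": user_rights("lab2"),
}


def effective_rights(user):
    """Union of the rights of every group the user belongs to."""
    rights = set()
    for group in MEMBERSHIP.get(user, ()):
        rights |= GROUP_GRANTS.get(group, set())
    return rights


def excess_rights(user):
    """Rights the user holds but does not need (least-privilege violations)."""
    return effective_rights(user) - REQUIRED.get(user, set())


def removable_groups(user):
    """Memberships that contribute no required right and can simply be dropped."""
    needed = REQUIRED.get(user, set())
    return sorted(g for g in MEMBERSHIP.get(user, ())
                  if not GROUP_GRANTS.get(g, set()) & needed)


def cross_department_grants():
    """Admin-group grants on resources owned by another laboratory."""
    return sorted((group, resource, right)
                  for group, dept in ADMIN_GROUP_DEPT.items()
                  for resource, right in GROUP_GRANTS[group]
                  if RESOURCE_DEPT[resource] != dept)


def audit():
    """Map each over-privileged user to a sorted list of excess rights."""
    return {user: sorted(excess_rights(user))
            for user in sorted(MEMBERSHIP) if excess_rights(user)}


if __name__ == "__main__":
    for user, extra in audit().items():
        print(user, "excess:", extra, "drop groups:", removable_groups(user))
    print("cross-department admin grants:", cross_department_grants())
```

The two findings need different fixes: dave's excess disappears by removing one membership, while carol's comes from the administrator group's own grant, so the group's rights must be corrected.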

Creating a user group

We launch the server on a virtual machine. Type the command mmc and add to the console the snap-ins we will work with: DNS, DHCP, and AD Users and Computers. To do this, use the command Console - Add or Remove Snap-in - Add (Fig. 55.1).


Fig. 55.1.

Now right-click in AD and run the command Create - Group (Fig. 55.2 and Fig. 55.3).


Fig. 55.2.

A security group is used to assign access rights to network resources (administration). A distribution group cannot be used for administration; it is used for sending messages. A domain local group can contain a user from any domain in the forest, but this group can only be administered in the domain in which the group was created. A global group can contain users from the domain in which it was created, but they can be administered by anyone