Windows Server 2008 R2 Unleashed (156 page)

. BitLocker

. Password policies (such as length, strength, and age)

. GPO security-related policies

. Registry security

. Security breach identification procedures

. Lockdown procedures

Change Control

Although the documentation of policies and procedures to protect the system from external security risks is of utmost importance, internal procedures and documents should also be established. Developing, documenting, and enforcing a change-control process helps protect the system from well-intentioned internal changes.

In environments with multiple administrators, it is very common to have the interests of one administrator affect those of another. For instance, an administrator might make a configuration change to limit volume size for a specific department. If this change is not documented, a second administrator might spend a significant amount of time trying to troubleshoot a user complaint from that department. Establishing a change-control process that documents these types of changes eliminates confusion and wasted resources.

The change-control process should include an extensive testing process to reduce the risk of production problems.

Reviewing Reports

A network environment might have many security mechanisms in place, but if the information obtained from them, such as logs and events, isn’t reviewed, security is weaker as a result. Monitoring and management solutions (such as SCOM) can help consolidate this information into a report that can be generated on a periodic basis. This report can be invaluable for continuously evaluating the network’s security.

The reports should be reviewed daily and should include many details for the administrators to analyze. SCOM, for example, can be customized to report on only the most pertinent events for keeping the environment secure.

Management-Level Reporting for Security Assessments

Management should be informed of any unauthorized access or attempts to compromise security. The technical details that an administrator appreciates are usually too detailed for management. Therefore, management-level reporting on security issues should contain only vital statistics and any risks that might be present. Business policy and budget-related decisions can then be made to strengthen the environment’s security.
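
One way to produce both the detailed daily review for administrators and the statistics-and-risks view for management described in the two sections above, as an added PowerShell example (not from the book). The function name, the choice of event IDs, the threshold, and the host names are assumptions; the sample events are constructed.

```powershell
# Added example, not from the book. Event IDs are standard Windows Security
# log IDs; the selection and the threshold are assumptions to tune.
$Pertinent = @{
    4625 = 'Failed logon'
    4740 = 'Account locked out'
    4720 = 'User account created'
    4728 = 'Member added to global security group'
    4732 = 'Member added to local security group'
    4719 = 'Audit policy changed'
    1102 = 'Audit log cleared'
}

function Get-SecurityReview {
    param($Events, [int] $FailedLogonThreshold = 10)

    # Administrator view: every pertinent event, labelled.
    $detail = @($Events | Where-Object { $Pertinent.ContainsKey([int]$_.Id) } |
        Select-Object TimeCreated, MachineName, Id,
            @{ Name = 'Meaning'; Expression = { $Pertinent[[int]$_.Id] } })

    # Management view: one count per category, nothing else.
    $summary = @($detail | Group-Object Meaning | Sort-Object Count -Descending |
        Select-Object @{ Name = 'Category'; Expression = { $_.Name } }, Count)

    # Risks worth escalating: high failed-logon volume, or a cleared audit log.
    $risks = @($detail | Where-Object { $_.Id -eq 4625 } | Group-Object MachineName |
        Where-Object { $_.Count -ge $FailedLogonThreshold } |
        ForEach-Object { "$($_.Count) failed logons on $($_.Name)" })
    $detail | Where-Object { $_.Id -eq 1102 } |
        ForEach-Object { $risks += "Audit log cleared on $($_.MachineName)" }

    New-Object PSObject -Property @{ Detail = $detail; Summary = $summary; Risks = $risks }
}

# Constructed sample events (not real log data) so the example runs offline.
$now = Get-Date
$sample = @(1..12 | ForEach-Object {
    New-Object PSObject -Property @{ Id = 4625; TimeCreated = $now.AddMinutes(-$_); MachineName = 'FS01.example.test' } })
$sample += New-Object PSObject -Property @{ Id = 1102; TimeCreated = $now; MachineName = 'DC01.example.test' }
$sample += New-Object PSObject -Property @{ Id = 4624; TimeCreated = $now; MachineName = 'FS01.example.test' }  # ordinary logon, ignored

$review = Get-SecurityReview -Events $sample
$review.Summary | Format-Table -AutoSize   # what management sees
$review.Risks                              # what needs a decision
# Live use: Get-SecurityReview -Events (Get-WinEvent -FilterHashtable @{
#   LogName = 'Security'; Id = [int[]]@($Pertinent.Keys); StartTime = (Get-Date).AddDays(-1) })
```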

Summary

Most, if not all, aspects of a Windows Server 2008 R2 network environment can be documented. However, the type of documentation that can benefit the environment depends on each organization. Overall, documenting the environment is an important aspect of the network and can assist all aspects of administration, maintenance, support, troubleshooting, testing, and design.

Best Practices

The following are best practices from this chapter:

. Create documents that target a specific audience and meet a particular goal.

. Have documentation reviewed and approved by other stakeholders in the organization to make sure that it meets their needs as well, and to simply get input from another source. For technical procedures, the document also must be tested and walked through.

CHAPTER 22

Documenting a Windows Server 2008 R2 Environment

. Consolidate and centralize documentation for the organization.

. Document the company’s policies and procedures for securing and maintaining the Windows environment.

. Create well-thought-out and professional planning and design documentation to avoid costly mistakes in the implementation or migration process, such as buying too many server licenses or purchasing too many servers.

. Baseline and document the state of a Windows Server 2008 R2 server so that any changes in its performance can be identified at a later date.

. Use tools such as Microsoft Project to facilitate the creation of project plans, enable the assignment of one or more resources per task, and enable the assignment of durations and links to key predecessors.

. Create disaster recovery documentation that includes step-by-step procedures for rebuilding each server and network device to minimize downtime and administration.

. Document daily, weekly, monthly, and quarterly maintenance tasks to ensure the health of the systems.

. Use documentation to facilitate training.

. Document business and technical policies for the organization.

. Establish a plan for reviewing and updating documents and make it a part of routine maintenance.

CHAPTER 23

Integrating System Center Operations Manager 2007 R2 with Windows Server 2008 R2

IN THIS CHAPTER

. Windows Server 2008 R2 Monitoring

. What’s New in OpsMgr R2

. Explaining How OpsMgr Works

. Outlining OpsMgr Architecture

. Understanding How to Use OpsMgr

. Understanding OpsMgr Component Requirements

. Understanding Advanced OpsMgr Concepts

. Securing OpsMgr

. Installing OpsMgr 2007 R2

. Configuring Operations Manager 2007 R2

. Monitoring DMZ Servers with Certificates

. Using Operations Manager 2007 R2

System Center Operations Manager (OpsMgr) 2007 R2 provides the best-of-breed approach to monitoring and managing Windows Server 2008 R2 within the environment. OpsMgr helps to identify specific environmental conditions before they evolve into problems through the use of monitoring and alerting components.

OpsMgr provides a timely view of important Windows Server 2008 R2 conditions and intelligently links problems to knowledge provided within the monitoring rules. Critical events and known issues are identified and matched to technical reference articles in the Microsoft Knowledge Base for troubleshooting and quick problem resolution.

The monitoring is accomplished using standard operating system components such as Windows Management Instrumentation (WMI), Windows event logs, and Windows performance counters, along with Windows Server 2008 R2 specific API calls and scripts. OpsMgr-specific components are also designed to perform synthetic transactions and track the health and availability of network services. In addition, OpsMgr provides a reporting feature that allows administrators to track problems and trends occurring on the network. Reports can be generated automatically, providing network administrators, managers, and decision makers with a current and long-term historical view of environmental trends. These reports can be delivered via email or stored on file shares for archive or to power web pages.

The following sections focus on defining OpsMgr as a monitoring system for Windows Server 2008 R2. This chapter provides specific analysis of the way OpsMgr operates and presents OpsMgr design best practices, specific to deployment for Windows Server 2008 R2 monitoring.
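
The three data sources named above (performance counters, WMI, and event logs) can be sampled by hand with built-in cmdlets, which shows the kind of data a threshold-based monitoring rule evaluates. This is an added PowerShell example, not OpsMgr or book code; the function names and every threshold value are assumptions.

```powershell
# Added example, not OpsMgr code. Thresholds are assumptions; set them from
# your own documented baseline.
$Thresholds = @{
    '\Processor(_Total)\% Processor Time' = @{ Op = 'gt'; Limit = 85 }
    '\Memory\Available MBytes'            = @{ Op = 'lt'; Limit = 512 }
    '\Memory\Pages/sec'                   = @{ Op = 'gt'; Limit = 1000 }
}

function Test-Threshold {
    param([string] $Path, [double] $Value)
    $rule = $Thresholds[$Path]
    if ($null -eq $rule) { return $false }          # no rule defined: never alert
    if ($rule.Op -eq 'gt') { return ($Value -gt $rule.Limit) }
    return ($Value -lt $rule.Limit)
}

function Get-HostHealth {
    param([string] $ComputerName = $env:COMPUTERNAME, [int] $Hours = 24)
    $alerts = @()

    # Source 1: performance counters (one sample each).
    foreach ($path in @($Thresholds.Keys)) {
        $value = (Get-Counter -Counter $path -ComputerName $ComputerName).CounterSamples[0].CookedValue
        if (Test-Threshold -Path $path -Value $value) {
            $alerts += "Counter $path at $([math]::Round($value, 1))"
        }
    }

    # Source 2: WMI, fixed disks with under 10 percent free space.
    Get-WmiObject -Class Win32_LogicalDisk -Filter 'DriveType=3' -ComputerName $ComputerName |
        Where-Object { $_.Size -gt 0 -and ($_.FreeSpace / $_.Size) -lt 0.10 } |
        ForEach-Object { $alerts += "Disk $($_.DeviceID) under 10 percent free" }

    # Source 3: event log, Critical (1) and Error (2) entries in System.
    $filter = @{ LogName = 'System'; Level = 1, 2; StartTime = (Get-Date).AddHours(-$Hours) }
    $found = @(Get-WinEvent -FilterHashtable $filter -ComputerName $ComputerName -ErrorAction SilentlyContinue)
    if ($found.Count -gt 0) { $alerts += "$($found.Count) critical/error events in System log" }

    $alerts
}

Get-HostHealth   # empty output means nothing crossed a threshold
```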

Windows Server 2008 R2 Monitoring

Operations Manager 2007 R2 monitoring is organized into management packs (MPs) for ease of installation and versioning. Operations Manager 2007 R2 includes some of the best management packs for monitoring and maintaining Windows Server 2008 R2. These include the following:

. Windows Server Operating System MPs

. Active Directory Server MPs

. Windows Cluster Management MPs

. Microsoft Windows DNS Server MPs

. Microsoft Windows DHCP Server MPs

. Microsoft Windows Group Policy MPs

. Microsoft Windows Hyper-V MPs

. Windows Server Internet Information Services MPs

. Windows Server Network Load Balancing MPs

. Windows Server Print Server MPs

. Windows Terminal Services MPs

Each of the preceding categories includes several different management packs to support monitoring, discovery, and libraries. These management packs were developed by the product groups and include deep knowledge about the product.

The features of the management packs for the following major systems are as follows:

. Windows Operating System Management Pack—Monitors and alerts on all the major elements that Windows Server 2008 R2 runs on, including processor, memory, network, disk, and event logs. It gathers performance metrics and alerts on thresholds, as well as critical events.

. Active Directory Management Pack—Monitors and alerts on Active Directory key metrics, such as replication latency, domain controller response times, and critical events. The management pack generates synthetic transactions to test the response time of the PDC, LDAP, and other domain services.

. DNS Management Pack—Monitors and alerts on DNS servers for resolution failures and latency as well as critical events.

. IIS Management Pack—Monitors and alerts on IIS services, application pools, performance, and critical events.

On all these elements, administrators can generate Availability reports to ensure that the servers and systems are meeting the service-level agreements (SLAs) set by the organization.

The management pack includes a comprehensive set of reports that are specific to Windows Server 2008 R2. These include reports on performance, availability, events, and even configuration for the various Windows Server 2008 R2 roles. These reports can be generated ad hoc, scheduled for email delivery on a regular basis, or even generated into web pages for portal viewing. Figure 23.1 shows a Performance report for a server. The report shows that processor utilization is low and that memory utilization is steady, with regular spikes of activity in the pages per sec, which correspond to available memory dips.

FIGURE 23.1 Sample Performance report.

This kind of summary Performance report is invaluable to reporting on the Windows Server 2008 R2 infrastructure and really ties together the low-level technical monitoring into a high-level view that support personnel can use.

What’s New in OpsMgr R2

System Center Operations Manager 2007 R2 was released in the spring of 2009 and includes many new improvements on the previous version, Operations Manager 2007 Service Pack 1. Some of these improvements include the following:

. Cross-platform support—This is support for non-Microsoft platforms, such as UNIX and Linux. This allows administrators to have a single-pane view of their entire IT environment in OpsMgr.

. Integration with System Center Virtual Machine Manager 2008—This integrates with VMM 2008 and allows synergies such as Performance Resource and Optimization (PRO) Tips, which provides virtual machine recommendations based on observed performance and the ability to implement the recommendation at the click of a button.

. Notifications—The notification system has been revamped and now sports an Outlook rule-style interface. Notifications can be generated for specific alerts and can be sent out as high-priority emails.

. Overrides view—Rather than hunt for overrides within all the management packs, OpsMgr R2 has an authoring view that shows all the overrides defined in the system.

. Improved Management Pack maintenance—OpsMgr 2007 R2 allows Microsoft management packs to be browsed, downloaded, and imported directly from the console. It even includes versioning and dependency checks, as well as the ability to search for management pack updates.

. Service-level monitoring—Applications can be defined from various monitored objects and the service level of the application can be monitored and reported on against defined target SLAs.
