
Windows Server 2008 : Designing a Windows Update Strategy for the Enterprise - System and Environment Health Models

6/6/2011 6:58:17 PM

1. Establishing a Security Baseline

Effectively, establishing a security baseline means formally gathering certain pieces of data and applying them throughout the enterprise so that all present, past, and future server deployments use this foundation as a guideline for the rest of their lifetime. Establishing a security baseline is a multistep process that involves four major components:

  • Active Directory design

  • Security policies

  • Server scope definition

  • GPO design

I've already discussed some of these topics, such as Active Directory design, GPO design, and security policies, in detail.

For administrators creating their first deployment of Windows Server 2008, establishing a security baseline has become much easier. Previously, other versions of Windows Server required much more extensive manipulations of administrative templates and .inf files in order to create a secure environment. Now, most of this process is completely handled by Group Policy. However, server security and server scope definition are now defined as two distinct portions: enterprise client environments and specialized security environments.

1.1. Enterprise Client Environments

An enterprise client environment is any server environment that involves the use of multiple active users and the extensive use of Active Directory to monitor and administrate those users. Specifically, the Microsoft Windows Server security documentation further defines Windows Server 2008 deployments with heavy enterprise client environments as environments that run Windows Server 2008 or Windows Server 2003 Service Pack 2, Windows XP with Service Pack 3, and Windows Vista. They further require an enterprise client environment to exclusively use Group Policy to administer applications on all sites, domains, and organizational units.

1.2. Specialized Client Environments

A specialized client environment—also known as a limited-functionality environment or specialized client environment, limited functionality (SSLF)—is the portion of an infrastructure that is set aside for the specific purpose of performing a given task. Examples of limited functionality might be a file share server or a server that consistently evaluates common tasks, such as authentication.

In specialized environments, security is generally more refined than in enterprise client environments. This is because specialized environments serve fewer purposes and therefore have fewer open points of possible intrusion and less functionality. According to the Microsoft Solution Accelerator for Windows Server 2008 security (available via Microsoft TechNet), the limited functionality portion of a server dedicated to a specific task can be refined into three portions:

  • Restricted service and data access

  • Restricted network access

  • Strong network protection

Through these three security areas, specialized servers become more secure because users are allowed to access fewer portions of the available data and fewer network resources. For your purposes as an enterprise administrator (and for the Enterprise Administrator certification exam), you'll generally need two security baselines—one for the entire enterprise and one for servers that serve specialized functions.

NOTE

The exact process of defining a security baseline is rather complex and is usually evaluated by an entire staff. Thus, the topic is beyond the scope of this book. However, for your future administrative career, it's a good idea to start looking into general security management practices. You can find these in other certifications, such as the CISSP by ISC2 and the CISM by ISACA. Either one should serve you well in your chosen field.

2. The Microsoft Baseline Security Analyzer Tool

The Microsoft Baseline Security Analyzer 2.1 tool is the latest in a series of incredibly powerful tools available to administrators. Using the Microsoft Baseline Security Analyzer (MBSA), you can get an idea of the overall health of your system, including needed security patches, possible security holes, recommended procedures, and a list of other important details.

The MBSA is not installed by default, so you must download it from Microsoft. Doing so requires you to validate your Windows installation as genuine, and then you can access and install it. Once it is installed, it is extremely easy to use. Through a simple menu system, you can choose to evaluate Windows-based computers in a given domain or in a range of IP addresses that you specify. When you run a scan, the MBSA checks the status of each computer you provided and then reports on those computers against a list of predefined standards provided by Microsoft. The report usually looks like Figure 1, but it will vary based on how many computers are in your environment and how extensive the report is.

Figure 1. Microsoft Baseline Security Analyzer report


3. System and Environment Health Models

The term system health model refers to the process of ordering and tracking the overall system state of individual servers throughout the environment as time progresses. Within the enterprise, this process is particularly crucial because it gives you an indication of how much productivity is being lost because of equipment failures and a lack of application availability.

In some corporations, the loss of a single server can bring the entire company to its knees in terms of production, especially if there is no backup. However, usually in a large enterprise the loss of one machine just means that the state of the overall environment is "other than 100 percent." In other words, the environment is still functioning but not as well as it theoretically could be functioning.

Windows Server health, and server health in general, usually falls into several categories, each of which can be monitored and evaluated on an individual level. These categories include the following:

  • Server availability

  • Server uptime

  • Server downtime

  • CPU usage

  • Memory usage

  • Page file usage

  • Disk utilization

  • Network utilization

  • Service availability

  • Service downtime

  • Application availability

  • Application downtime

  • Backup availability

  • Backup downtime

Most of these are discussed throughout the process of becoming a Microsoft Certified Windows Server Professional. At the enterprise administrator level, you're interested primarily in the top four categories: server availability, uptime, downtime, and hardware statistics.

3.1. Server Availability

Server availability refers to the period of time in which a server is up, running, and accessible. This can be achieved only when a server is operating at its full capacity. For example, a server cannot be considered "available" if it is running but its network cable has somehow become unplugged, leaving it inaccessible to the rest of the network infrastructure. Thus, in order for this state to be achieved, the server has to be set up properly and functioning.

As shown in Figure 2, most administrators keep a chart of the times and availability of their server on a day-to-day basis, using a score of 0 percent to 100 percent. In most companies, this is usually available to all IT staff in a centralized intranet or Internet location so that it can be accessed for future study.

Figure 2. Server availability chart

The importance of this chart and this area of study is that it determines the overall state of the enterprise. The closer it is to 100 percent, the better off the entire organization is. With anything less than 100 percent, the company is not functioning as well as it could be.

3.2. Server Uptime

Server uptime refers to the period of time that the server has been running with power without experiencing a software- or hardware-based failure resulting in the loss of the critical components of an operating system. Generally, the causes of a loss of server uptime include the following:

  • Power failures

  • Power surges

  • Operating system failures (blue screens)

  • Human error (such as an accidental disconnect)

Usually, server uptime is used in conjunction with server availability to determine whether software on the operating system is causing failures. Additionally, this indicates the status of power availability and reliability throughout the infrastructure. Normally, administrators who need a justification for expensive hardware, such as battery backups, will use this statistic along with server availability to illustrate that most productivity loss comes from a lack of available power in the case of a failure.

3.3. Server Downtime

The opposite of server uptime is server downtime, which refers to the period of time in which the operating system is not up, running, receiving power, or functioning as it should be functioning. Ideally, the amount of server downtime is zero. Whenever this statistic is present, it means the network is not functioning as well as it could be.
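The difference between uptime (sections 3.2 and 3.3) and availability (section 3.1) can be shown with a small calculation. The following PowerShell is an added example, not code from the book: the outage log, its `Kind` values, and the function names are constructed for illustration, and each day is assumed to have 1,440 minutes.

```powershell
# Constructed outage log for one server.
# 'Down'        = power or OS failure (counts against uptime and availability)
# 'Unreachable' = OS running but not accessible, e.g. unplugged cable (availability only)
$Outages = @(
    New-Object PSObject -Property @{ Kind = 'Down';        Start = [datetime]'2011-06-06 02:00'; End = [datetime]'2011-06-06 03:30' }
    New-Object PSObject -Property @{ Kind = 'Unreachable'; Start = [datetime]'2011-06-06 03:00'; End = [datetime]'2011-06-06 05:00' }
    New-Object PSObject -Property @{ Kind = 'Unreachable'; Start = [datetime]'2011-06-06 23:00'; End = [datetime]'2011-06-07 01:00' }
)

function Get-OutageMinutes {
    # Minutes of outage inside one calendar day; overlapping records are counted once.
    param([object[]] $Outages, [datetime] $Day)
    $dayStart  = $Day.Date
    $dayEnd    = $dayStart.AddDays(1)
    $total     = 0.0
    $coveredTo = $dayStart                      # end of the time already counted
    foreach ($o in ($Outages | Sort-Object Start)) {
        $s = if ($o.Start -gt $coveredTo) { $o.Start } else { $coveredTo }
        $e = if ($o.End -lt $dayEnd) { $o.End } else { $dayEnd }
        if ($e -gt $s) { $total += ($e - $s).TotalMinutes; $coveredTo = $e }
    }
    $total
}

function Get-DailyHealth {
    # One row of the day-to-day chart: uptime and availability as 0-100 percent.
    param([object[]] $Outages, [datetime] $Day)
    $down         = Get-OutageMinutes ($Outages | Where-Object { $_.Kind -eq 'Down' }) $Day
    $notAvailable = Get-OutageMinutes $Outages $Day
    New-Object PSObject -Property @{
        Day             = $Day.ToString('yyyy-MM-dd')
        UptimePct       = [math]::Round(100 * (1 - $down / 1440), 2)
        AvailabilityPct = [math]::Round(100 * (1 - $notAvailable / 1440), 2)
    }
}

'2011-06-06', '2011-06-07' |
    ForEach-Object { Get-DailyHealth $Outages ([datetime]$_) } |
    Format-Table Day, UptimePct, AvailabilityPct -AutoSize
```

On a day where the server stayed powered on but was unreachable, uptime remains at 100 percent while availability drops, which is the gap the two statistics are meant to expose when used together.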

3.4. Service Availability

When working with Windows Server, an important component of overall environment health is service availability. When using Active Directory, the failure of a simple network service such as NetLogon can render the entire Active Directory infrastructure useless if the outage affects the overall environment. With this statistic, you can pay careful attention to the availability of services overall.

If these services are automatic, you can check them against a chart that compares whether the automatic services are being enabled as they should be (based on need). If these services are manual, you can even do a human task-oriented analysis to see whether these services are enabled as they should be based on job roles and duties.

Overall, service availability plays a large role in overall server availability, because it is one of the deciding factors in determining how a computer is functioning. A server can be up, running, and operating but not have a service started and therefore not be fulfilling its given purpose, especially in a specialized client environment.
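The chart comparison described in this section can be automated. The following PowerShell is an added example, not code from the book: the baseline table, the sample service records, and the `Compare-ServiceBaseline` function are constructed for illustration, and `SERVER01` is a hypothetical computer name.

```powershell
# Expected-state chart (constructed; derive yours from each server's role).
$Baseline = @{
    'Netlogon' = 'Auto'       # needed for Active Directory logons
    'W32Time'  = 'Auto'       # time synchronization
    'Spooler'  = 'Disabled'   # not needed on this specialized server
}

function Compare-ServiceBaseline {
    param(
        [Parameter(Mandatory = $true)] [object[]]  $Services,  # objects with Name, StartMode, State
        [Parameter(Mandatory = $true)] [hashtable] $Baseline
    )
    function New-Finding($Service, $Issue) {
        New-Object PSObject -Property @{ Service = $Service; Issue = $Issue }
    }
    # 1. Every service on the chart must exist, have the expected start mode,
    #    and be running if it is meant to start automatically.
    foreach ($name in ($Baseline.Keys | Sort-Object)) {
        $expected = $Baseline[$name]
        $svc = $Services | Where-Object { $_.Name -eq $name } | Select-Object -First 1
        if (-not $svc) {
            if ($expected -ne 'Disabled') { New-Finding $name 'Service is missing' }
        } elseif ($svc.StartMode -ne $expected) {
            New-Finding $name "StartMode is $($svc.StartMode), expected $expected"
        } elseif ($expected -eq 'Auto' -and $svc.State -ne 'Running') {
            New-Finding $name "Automatic service is $($svc.State)"
        }
    }
    # 2. Automatic services that are not on the chart at all are reported for review.
    foreach ($svc in $Services) {
        if ($svc.StartMode -eq 'Auto' -and -not $Baseline.ContainsKey($svc.Name)) {
            New-Finding $svc.Name 'Automatic service not in baseline'
        }
    }
}

# Constructed sample records, shaped like Win32_Service output.
# Live data: Get-WmiObject Win32_Service -ComputerName SERVER01 | Select-Object Name, StartMode, State
$Sample = @(
    New-Object PSObject -Property @{ Name = 'Netlogon';       StartMode = 'Auto';     State = 'Stopped' }
    New-Object PSObject -Property @{ Name = 'W32Time';        StartMode = 'Manual';   State = 'Stopped' }
    New-Object PSObject -Property @{ Name = 'Spooler';        StartMode = 'Disabled'; State = 'Stopped' }
    New-Object PSObject -Property @{ Name = 'RemoteRegistry'; StartMode = 'Auto';     State = 'Running' }
)

Compare-ServiceBaseline -Services $Sample -Baseline $Baseline | Format-Table Service, Issue -AutoSize
```

Keeping a separate baseline table for enterprise servers and for specialized servers matches the two-baseline approach described in section 1.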

3.5. Hardware Statistics

The next general category of system health that's important is divided among the many different components of general server health. This includes functions such as memory usage, disk access, and the use of overall hardware. At the enterprise level, you won't be quite as concerned with this as the operator of an individual server would be. You're much more concerned with the overall health of the entire infrastructure. However, it's important to note this general category.
