Chapter 1 - Introduction to Designing Highly Available Web Solutions

Review Questions

1. Define the following key terms: availability, failure, fault tolerance, manageability, reliability, and scalability.

   Availability is a measure (from 0 to 100 percent) of the fault tolerance of a computer and its programs. The goal of a highly available computer is to run 24 hours a day, 7 days a week, which means that applications and services are operational and usable by clients most of the time.

   Failure is defined as a departure from expected behavior on an individual computer system or a network system of associated computers and applications. Failures can include behavior that simply moves outside of defined performance parameters.

   Fault tolerance is the ability of a system to continue functioning when part of the system fails. Fault tolerance combats problems such as disk failures, power outages, or corrupted operating systems, which can affect startup files, the operating system itself, or system files. Windows 2000 Server includes features that support certain types of fault tolerance.

   Manageability is the ability to make changes to the system easily. Management has many facets, but it can be loosely divided into the following disciplines: change and configuration management, security management, performance management, problem management, event management, batch/output management, and storage management.

   Reliability is a measure of the time that elapses between failures in a system. Hardware and software components have different failure characteristics. Although formulas based on historical data exist to predict hardware reliability, it’s difficult to find formulas for predicting software reliability.

   Scalability is a measure of how well a computer, service, or application can expand to meet increasing performance demands. For server clusters, scalability refers to the ability to incrementally add one or more systems to an existing cluster when the cluster’s overall load exceeds its capabilities.

2. What are the key architectural elements of an n-tier business Web site?

   Clients, which issue service requests to the server hosting the application that the client is accessing; front-end systems, which consist of the collections of servers that provide core services, such as HTTP/HTTPS and FTP, to the clients; and back-end systems, which are the servers hosting the data stores that are used by the front-end systems.

3. In the formula MTTR/MTTF, what do MTTR and MTTF refer to, how do they differ, and what’s the purpose of this ratio?

   MTTF (mean time to failure) is the mean time it will take for a device to fail, and MTTR (mean time to recovery) is the mean time it takes the device to recover from a failure. Downtime is determined by the ratio MTTR/MTTF.

4. What types of failures can cause system outages?

   Software failures, hardware failures, network failures, operational failures, and environmental failures can cause system outages.

5. You’re designing a highly available Web site. What are the three fundamental strategies that you should use?

   Develop operational procedures that are well documented and appropriate for your goals and your staff’s capabilities.

   Ensure that your site has enough capacity to handle processing loads.

   Reduce the probability of failure.

6. You’re designing a highly available Web site and you’re specifically concerned about preventing application failures. What techniques should you use to reduce the chance of failures?

   Create a robust architecture based on redundant, load-balanced servers. (Note, however, that load-balanced clusters are different from Windows application clusters. Commerce Server 2000 components, such as List Manager and Direct Mailer, are not cluster aware.)

   Review code to avoid potential buffer overflows, infinite loops, code crashes, and openings for security attacks.

Chapter 2 - Network Infrastructure

Activity Questions

1. How should you design the network topology for the e-commerce site?

   The network topology should look similar to the design shown in the following illustration:

   

Lab Questions

Exercise 1: Providing Redundant Components and Network Paths

1. What network elements can you make redundant for this topology?
   • Switches
   • Routers
   • LAN paths
   • Internet connections
   • Services (through the use of clusters)

2. On a piece of paper, sketch a design that builds on the design in Figure 2.18. Be sure to incorporate any network elements that can be made redundant. How should you modify your design?

   Your design should be similar to the one in the following illustration:

   

   Notice that the design shown in the answer places the application clusters in a middle tier. Some topologies include only a front-end tier and a back-end tier.

3. Suppose a computer in the application cluster tries to communicate with the data cluster. What possible LAN paths can that communication follow?
   • From the application computer to the first switch (top switch in the diagram) and then to the data cluster
   • From the application computer to the first switch, then to the second switch, and then to the data cluster
   • From the application computer to the second switch and then to the data cluster
   • From the application computer to the second switch, then to the first switch, and then to the data cluster

Exercise 2: Subnetting a TCP/IP Network

1. How many network segments will you use and where will you use them?

   You will need to create four network segments:

• A network segment for the middle tier, which will bridge the Web clusters and the application cluster
• A network segment for the back-end network, which will bridge the application cluster and the routers to the secure network
• A network segment for the secure network
• A network segment for the management network
2. On your sketch of the network topology, label the four network segments and indicate the position of those segments. Your network topology should also indicate the position of the front-end network. How should you modify your design?

   Your design should be similar to the one in the following illustration:

   

   Notice that the management network is connected to each cluster and is on its own subnet. Also notice that in this topology the application cluster is connected to three different network segments: the middle tier (10.10.1.0), the back-end tier (10.10.2.0), and the management tier (10.10.4.0).

3. To which network segments do the Web clusters connect?

   The Web clusters connect to the front end network, which is connected to the Internet; the middle tier (10.10.1.0); and the management network (10.10.4.0).

Exercise 3: Designing a Namespace

1. How should you set up the internal and external namespaces?

   To simplify name resolution for internal clients, use a different domain name for your internal and external namespaces. You can use the same name internally and externally, but doing so causes configuration problems and generally increases administrative overhead. If you want to use the same domain name internally and externally, you need to perform one of the following actions:

   • Duplicate internally the public DNS zone of your organization.
   • Duplicate internally the public DNS zone and all public servers (such as Web servers) that belong to your organization.
   • In the PAC file on each of your clients, maintain a list of the public servers that belong to your organization.

2. You decide to use separate names for your external and internal namespaces: contoso.com for the external namespace and contoso-pvt.com for the internal namespace. On your sketch of the network topology, label how the namespaces are divided so the division between the two namespaces is clear. How should you modify your design?

   Your design should be similar to the one in the following illustration:

   

   Notice that the management server is now labeled with an FQDN: mgmt.contoso-pvt.com.

3. Suppose that one of the servers in Web cluster 1 is named Web1. What would be the FQDN for that server?

   The FQDN for the Internet side of the server would be web1.contoso.com, and the FQDN for the private side of the server would be web1.contoso-pvt.com.

4. Suppose that one of the servers in the application cluster is named App1. What would be the FQDN for that server?

   The FQDN for the server would be app1.contoso-pvt.com.

Review Questions

1. The network topology for your organization includes a Web component that provides information and online registration for your company’s training facilities. Figure 2.19 shows the Web component of your network topology.

   

   Many users have been complaining that your site is often unavailable. You plan to modify the network topology to increase availability. What’s the first step you should take?

   Add a redundant connection to the Internet.

2. When you subnet the network shown in Figure 2.19, you assign the network ID 10.10.1.0 to subnet 1, 10.10.2.0 to subnet 2, and 10.10.3.0 to subnet 3. What additional subnet should you add to this topology?

   You should add a management subnet (such as 10.10.4.0) that connects to each cluster.

3. You’re planning the configuration of the DHCP Service for your network and want to ensure fault tolerance. However, you won’t be implementing clustering. You set up a primary DHCP server and a backup DHCP server. How should you configure any scopes that you create?

   Use the 80/20 rule to divide scope addresses between the DHCP servers. The primary server should receive about 80 percent of the available addresses, and the backup server should receive about 20 percent.

4. Your company, Contoso, Ltd., plans to set up a Web site so customers can access services on the Internet. Until now, your company has had no Web presence. Your company has registered the name contoso.com with an Internet name authority and wants to use that name for both the internal and external namespaces. What actions must you perform to use the same name?

   You must perform one of the following actions:

   • Duplicate internally your organization’s public DNS zone.
   • Duplicate internally the public DNS zone and all public servers that belong to your organization.
   • Maintain a list (in the PAC file on each client computer) of the public servers that belong to your organization.

Chapter 3 - Server Configurations

Lab Questions

Exercise 1: Planning a File Server Configuration

1. How should you label the rest of the diagram?

   You should label the diagram in a way similar to that shown in the following illustration:

   

   Notice that six 10-GB physical disks (60 GB) are used to store data, but the logical disks support only 40 GB of storage.

2. Why is there a difference in storage capacity between the logical disks and the physical disks?

   In a RAID-1 configuration the same data is written to each of the two disks. As a result, disk space usage is only 50 percent of the total for both disks. RAID-5 uses the equivalent of one physical disk to support its fault-tolerant configuration. In this case, one disk equals 10 GB, so 10 GB are used for parity information, leaving 30 GB for storage.

Exercise 2: Planning a File Server and Operating System Configuration

1. How should you configure the data storage system for these servers?

   You should label the diagram in a way similar to that shown in the following illustration:

   

   Notice that two 10-GB disks are used to support the RAID-1 configuration, but only 10 GB of storage are available on the logical disk.

2. Why is there a difference in storage capacity between the logical disk and the physical disks?

   In a RAID-1 configuration the same data is written to each of the two disks. As a result, disk space usage is only 50 percent of the total for both disks.

Exercise 3: Planning a Domain Controller and Services Configuration

1. Draw a diagram that provides a conceptual overview of how RAID will be implemented on these servers. Label the logical partitions, the logical disk, and the physical disks. Include the size of each partition and disk and their functions.

   You should configure the data storage system in a way similar to that shown in the following illustration:

   

Exercise 4: Planning a Relational Database Server Configuration

1. How should you configure the data storage system for these servers?

   You should configure the data storage system in a way similar to that shown in the following illustration:

   

2. How much storage would the RAID-5 logical disk support if another 10-GB hard disk were added to the configuration?

   50 GB

Review Questions

1. You’re designing a network infrastructure for the Baldwin Museum of Science, and you want to ensure that your servers are fault tolerant. One way that you plan to support fault tolerance is to use redundant components within your critical servers. What redundant components should you add to the servers?

   You should configure each server with the following redundant components:

   • NICs
   • Cooling fans
   • Power supplies
   • Disk controllers

2. Woodgrove Bank has been experiencing intermittent problems with their servers. The problems have included overheating, shorts, and unexpected restarts when an administrator touches one of the computers. Technicians have checked the computers, their components, and how they’re configured and can’t find an immediate cause of these problems. What other factors should be considered?

   The servers’ environment should be checked to make certain that the room temperature is about 70º F (21º C), that a proper amount of humidity is maintained, and that the computers and the computer room are kept clean.

3. City Power & Light stores a great deal of data in order to maintain their operations. At any one time, their storage capacity can exceed 6 TB. You’re designing a data storage system for the company, and you want to ensure that the system is fault tolerant, the data is centralized, and backup and restores are easy to administer. What type of storage would you recommend?

   Storage area network (SAN)

4. You’re designing a data storage system for the Graphic Design Institute. The company maintains about 45 GB of data at any one time. The organization wants to ensure that the data storage system is fault tolerant, but they want to implement the least expensive solution available. Which storage solution would you recommend?

   Recommend the software implementation of RAID-5 that’s available in Windows 2000 Server.

Chapter 4 - Microsoft Windows 2000 Cluster Service

Activity Questions

For each of the following steps, identify how your file server resource group will be configured:

1. List all the server-based applications.

   No server-based applications are running on these servers. However, examples of server-based applications are Microsoft SQL Server 2000 and Microsoft Exchange Server.

2. Sort the list of applications. Determine which applications can use failover.

   No server-based applications are running on these servers.

3. List all other resources.

   File Share, IP Address, Network Name, and Physical Disk

4. List all dependencies for each resource.

   The File Share resource type depends on the Network Name resource type, and the Network Name resource type depends on the IP Address resource type. The File Share resource type also depends on the Physical Disk resource type.

5. Make preliminary grouping decisions.

   You should create only one resource group because a resource and its dependencies must be together in a single group. In addition, a resource can’t span groups.

6. Make final grouping assignments, and create any necessary dependency trees.

   You should create only one resource group. The dependency should look similar to the one shown in the following illustration:

   

Lab Questions

Exercise 1: Choosing a Server Cluster Model

1. What are the differences between the three configuration models?

   With a single-node configuration, you can organize resources for administrative convenience, use virtual servers, restart applications automatically, and more easily create a cluster later. However, this model can’t make use of failover. If an application can’t be restarted, it becomes unavailable.

   An active/passive configuration provides the maximum availability for your resources. However, this model also requires an investment in hardware that’s not used most of the time. If the primary node fails, the secondary node immediately picks up all operations. This model is best suited for those applications and resources that must maintain the highest availability.

   An active/active configuration provides high availability and performance when both nodes are online and provides reliable and acceptable performance when only one node is online. Services remain available during and after failover, but performance can decrease, which can affect availability.

2. Which configuration best suits the needs of Wingtip Toys?

   An active/active configuration best suits the needs of Wingtip Toys because this configuration allows maximum use of hardware resources while providing highly available services. Because performance degradation after failover isn’t an overriding concern, an active/passive configuration isn’t necessary.

Exercise 2: Planning the Resource Groups

Listing the Server-Based Applications

1. What are those applications?

   SQL Server 2000 and Exchange 2000 Server

Sorting the List of Applications

1. Which applications will use failover?

   Both SQL Server 2000 and Exchange 2000 Server can use failover and you should set up both to use it.

Listing Other Resources

1. Which resources should you include?

   You should include the following resources: Physical Disk, Network Name, and IP Address.

Listing Dependencies

1. How are these resources dependent on each other?

   Each service (mail and database) is dependent on the Physical Disk resource and the Network Name resource. Each Network Name resource is dependent on the IP Address resource.

Making Preliminary Grouping Decisions

1. How will resources be grouped together?

   You should create two groups: one for the database service and its related resource types (Physical Disk, Network Name, and IP Address), and one for the mail service and its related resource types (Physical Disk, Network Name, and IP Address).

2. What are the advantages of this grouping strategy?

   This grouping strategy allows the mail service to run on one node and the database service to run on another node, which supports an active/active configuration.

Making Final Grouping Assignments

1. How would you create a dependency tree for each group?

   In the database resource group, the database resource is dependent on the Physical Disk resource type and the Network Name resource type, and the Network Name resource type is dependent on the IP Address Resource type. The mail resource group has the same dependencies.

Exercise 3: Determining Failover Policies

1. How should you configure the Failover Timing setting?

   For each group, set the Cluster service to restart the group before failover occurs.

2. How should you configure the Preferred Node setting?

   Configure each group so it always runs on a designated node whenever the node is available. You should configure the database group so that one of the servers is set as the preferred node, and you should configure the mail group so that the other server is set as the preferred node.

3. How should you configure the Failback Timing setting?

   Configure each group to failback to its preferred node as soon as the Cluster service detects that the failed node has been restored.

Review Questions

1. What objects does the Cluster service manage?

   Server cluster networks, network interfaces, nodes, resource groups, and resources

2. What are the differences between a resource group and a resource?

   Resource groups are logical collections of resources. Typically, a resource group is made up of logically related resources such as applications and their associated peripherals and data. A resource is any physical or logical component that can be brought online and taken offline, be managed in a server cluster, and be hosted (owned) by only one node at a time.

3. You’re planning the resource groups for a cluster on your network. You’ve determined which applications will run on the servers and, of those, which can use failover. You’ve also determined the other types of resources that will be included in your list of resources, such as network names and IP addresses. What step should you take next?

   You should list the dependencies for each resource. The list should include all resources that support the core resource.

4. You’re planning a cluster for your organization’s network. The cluster will include two Windows 2000 Advanced server computers that will run a database application and a file and print services. You want the cluster configuration to support the maximum use of your cluster hardware. Which cluster configuration model should you use?

   You should use the active/active model because it supports the maximum use of hardware by placing resource groups on separate nodes. When the cluster is fully operational, the cluster provides high availability and performance.

Chapter 5 - Network Load Balancing (NLB)

Activity Questions

1. How should this configuration look?

   The network should be configured in a way similar to the configuration shown in the following illustration:

   

2. What option other than round-robin DNS can you consider to balance the load between clusters?

   When you have more than one cluster, you can use network switches to separate incoming traffic. However, if you use network switches and you deploy two or more clusters, consider placing the clusters on individual switches so that incoming cluster traffic is handled separately.

Lab Questions

Exercise 1: Determining Which Applications to Run in the Cluster

1. What type of applications can you run on an NLB cluster?

   In general, NLB can scale any application or service that uses TCP/IP as its network protocol and is associated with a specific TCP or UDP port. In addition, the application must be designed to allow multiple instances to run simultaneously, one on each cluster host. You shouldn’t use NLB to directly scale applications that independently update inter-client state data because updates made on one cluster host won’t be visible to other cluster hosts.

2. Which application or applications will you run in the NLB cluster and why would you choose those applications?

   IIS, because it uses TCP/IP as its network protocol and uses Port 80. In addition, IIS allows multiple instances to run simultaneously on different hosts.

3. Is there any application that shouldn’t be run on the NLB cluster, and if so, why not?

   You shouldn’t run SQL Server and Exchange Server on the NLB cluster because these applications independently update inter-client state data. You should use the Cluster service to create clusters for these two applications.

Exercise 2: Choosing an NLB Model

1. What are the advantages and disadvantages of each of these configuration models?
   • Single network adapter in unicast mode:

     Unicast mode is the default configuration for NLB and works with all routers. However, ordinary network communication among hosts isn’t possible, and network performance may be compromised.

   • Multiple network adapters in unicast mode:

     Unicast mode is the default configuration for NLB and works with all routers. In addition, ordinary network communication among hosts is possible, and network performance may be enhanced. However, at least two network adapters are required.

   • Single network adapter in multicast mode:

     Only one network adapter is required, and ordinary network communication among hosts is possible. However, this isn’t the default configuration, network performance may suffer, and some routers may not support the use of a multicast MAC address.

   • Multiple network adapters in multicast mode:

     Performance may be enhanced, and ordinary network communication among hosts is possible. However, this isn’t the default configuration, at least two network adapters are required, and some routers may not support the use of a multicast MAC address.

2. Which configuration model should you use?

   Each host in the NLB cluster should be configured with multiple network adapters, and the cluster should run in unicast mode. This model is easier to configure because it’s the default mode, permits ordinary network communication among hosts, and works with all routers. The fact that at least two network adapters are required is not a problem because the hosts are part of a multitiered structure that requires at least two network adapters in each computer.

Review Questions

1. How does NLB work?

   NLB scales the performance of a server-based program, such as a Web server, by distributing its client requests among multiple servers within the cluster. With NLB, each host receives each incoming IP packet but only the intended recipient accepts it. The cluster hosts concurrently respond to different client requests or to multiple requests from the same client. For example, a Web browser may obtain the various images within a single Web page from different hosts in a load-balanced cluster. This speeds up processing and shortens the response time to clients.

2. What are the differences between Single affinity and Class C affinity?

   With Single affinity, NLB pins a client to a particular host without setting a timeout limit; this mapping is in effect until the cluster set changes. The trouble with Single affinity is that in a large site with multiple proxy servers a client can appear to come from different IP addresses. To address this issue, NLB also includes Class C affinity, which specifies that all clients within a given Class C address space will map to a given cluster host. However, Class C affinity doesn’t address situations in which proxy servers are placed across Class C address spaces. Currently the only solution is to handle it at the ASP level.

3. How does NLB manage session state that spans multiple connections?

   When its client affinity parameter setting is enabled, NLB directs all TCP connections from one client IP address to the same cluster host. This allows session state to be maintained in host memory. However, should a server or network failure occur during a client session, a new logon may be required to reauthenticate the client and reestablish session state.

4. You’re a network administrator at Trey Research. You’re responsible for administering the company’s Web site and its infrastructure. You want to implement an NLB cluster to run IIS. You’ve identified network risks and eliminated any single points of failure. The cluster will include four hosts, and each host will be configured to use RAID-5 for fault-tolerant storage. You’ll determine the host’s capacity requirements after you’ve planned the rest of the cluster.

   What other decision must you make?

   You must choose an NLB configuration model.

5. You’re planning a small NLB cluster for your organization’s network. The cluster will contain only two computers. Each computer will be configured with only one network adapter. You want the configuration to support ordinary network traffic between the computers.

   Which NLB configuration model should you use?

   You should use a single network adapter in multicast mode. If the router doesn’t accept an ARP response from the cluster, you should add a static ARP entry to the router for each virtual IP address.

Chapter 6 - Microsoft Application Center 2000

Activity Questions

1. In the diagram, label the following components: client, Internet, Web-tier cluster, COM+ cluster, NLB, and CLB.

   The diagram should look similar to the following illustration:

   

2. What are the different cluster types supported by Application Center?

   General/Web cluster, COM+ application cluster, and COM+ routing cluster

3. Which cluster type would you use to host Web sites and to support NLB and CLB?

   General/Web cluster

Lab Questions

Exercise 1: Designing a General/Web Cluster

1. How should you draw your network design?

   Your design should look similar to the one in the following illustration:

   

2. How would client requests be distributed to the hosts in General/Web cluster once those requests have passed through the firewall?

   Requests will be routed to the hosts through the use of NLB, which will be configured on each computer.

3. Based on the current network configuration, where would COM+ applications reside?

   COM+ applications would reside on the General/Web cluster.

Exercise 2: Designing a COM+ Routing Cluster

1. How should you draw the network design?

   Your design should look similar to the one in the following illustration:

   

2. On which cluster or clusters would you now run NLB?

   You would configure NLB on the General/Web cluster and the COM+ routing cluster.

3. What’s the primary role of the COM+ routing cluster?

   The primary role of the COM+ routing cluster is to route requests to a COM+ application cluster.

Exercise 3: Designing a COM+ Application Cluster

1. How should you draw the network design?

   Your design should look similar to the one in the following illustration:

   

2. On which tiers should you run CLB and NLB?

   You should configure CLB on the COM+ routing cluster and configure NLB on the General/Web cluster and the COM+ routing cluster.

3. How is network performance affected by running COM+ applications on a cluster separate from the General/Web cluster?

   Calls over the network yield slower throughput than calls to software installed on the same computer. This is true in all software communication, whether it’s through Microsoft software or something else. For this reason, CLB isn’t an effective solution where throughput is absolutely critical. In this case it’s better to install the COM+ components locally on the Web-tier cluster members, thus avoiding cross-network calls. CLB support is lost, but load balancing is still available through NLB.

Review Questions

1. How is NLB in Application Center integrated with NLB in Windows 2000 Advanced Server?

   NLB in Application Center is carried out by NLB in Windows 2000 Advanced Server or Datacenter Server. Application Center provides an interface that’s integrated with NLB. The Application Center user interface serves to make load-balancing configurations for a cluster easier by removing much of the configuration detail and by reducing the number of user decision points.

2. In what scenarios should you consider using CLB?

   You should consider using CLB in the following scenarios:

   • Security is a major concern and you want to segregate COM objects behind an additional firewall.
   • COM objects are relatively large and you want to run them on the fastest servers available.
   • Applications are partitioned into n-tiers, either for development or design reasons. If you’re using NLB for your front-end servers and want to route component requests to a back-end COM+ server, the Application Center user interface lets you easily specify a target.
   • Scaling is important. A single cluster can use multiple COM+ clusters to service component requests.

3. What are the three primary clustering scenarios?

   Single-node clusters, standard Web clusters, and COM+ applications clusters.

4. You’re the network administrator at Graphic Design Institute, and you want to improve the availability of your company’s Web site. You decide to implement an Application Center cluster to support the Web services. In planning the cluster, you decide to include three hosts, each of which is configured with enough resources to run Windows 2000 Advanced Server, Application Center, Event and Performance Logging, and IIS 5.0. You also plan to configure the cluster network adapters on a subnet separate from the back-end network adapters.

   Which cluster type and load balancing configuration should you use?

   You should use the General/Web cluster type and use NLB for your load-balancing configuration. The General/Web cluster type is used to host Web sites. NLB is recommended over other load balancing because it’s inexpensive to implement and requires less administration.

5. Your company is implementing a Web site and is evaluating how to structure clusters and load balancing on your network. Throughput performance is critical to the operation and should be maintained at the highest possible level. In addition, management wants to keep network administration as uncomplicated as possible and to make full use of the hardware that they have available.

   Which type or types of Application Center clusters (General/Web, COM+ routing, or COM+ application) should you implement in this site?

   You should implement a General/Web cluster but not a COM+ routing cluster or COM+ application cluster. Using a separate tier for the COM+ applications will result in a degradation in throughput performance, in administrative complexity, and in difficulty in making full use of the hardware.

Chapter 7 - Capacity Planning

Activity 7.1 Questions

1. Your first step is to determine the CPU cost per operation. In order to calculate this cost, you must first determine the CPU usage. How do you calculate the CPU usage for the Search operation?

   You should use the following calculation:

   .9247 × 3 × 400 = 1109.64

2. Now that you’ve calculated the CPU usage, you can use that calculation to determine the cost of the operation. How do you calculate the CPU cost for the Search operation?

   You should use the following calculation:

   1109.64 ÷ 18.21 × 2 = 121.87

3. You can now use the cost per operation to figure out the cost per user. How do you calculate the CPU cost per operation per use?

   You should use the following calculation:

   121.87 × 0.00139 = 0.1694 MC

Activity 7.2 Questions

1. Your first step is to determine the cost per user for the Web server. How do you calculate that cost?

   You should use the following calculation:

   0.003804 × 4.297 = 0.01635

2. Next you must determine the cost per user for the data server. How do you calculate that cost?

   You should use the following calculation:

   0.003804 × 119.36 = 0.45405

3. How do you calculate the total cost per user per second?

   You should use the following calculation:

   0.01635 + 0.45405 = 0.4704 KBps

Lab Questions

Exercise 1: Identifying the User Base

1. How many concurrent users should your network support?

   The network should support 6,000 concurrent users.

2. What’s the first step you must take to calculate the CPU usage per user?

   You must first calculate the CPU usage for the Default operation by using the following calculation:

   .9615 × 3 × 400 = 1153.8

3. What’s the next step that you should take to calculate the CPU usage per user?

   Once you’ve determined the CPU usage for the Default operation, you should calculate the cost for that operation by using the following calculation:

   1153.8 ÷ 96.98 × 1 = 11.897

4. What’s the CPU cost for each operation?

   The cost for each operation is as follows:

   Default: .9615 × 3 × 400 ÷ 96.98 × 1 = 11.897

   Add Item: .9208 × 3 × 400 ÷ 26.21 × 3 = 126.474

   Listing: .9342 × 3 × 400 ÷ 29.29 × 2 = 76.548

   Lookup: .9899 × 3 × 400 ÷ 82.08 × 2 = 28.944

5. Once you’ve determined the cost per operation, you can determine the cost per user per operation, and from there, determine the cost per user. What’s the cost per user for each operation?

   The cost per user for each operation is as follows:

   Default: 11.897 × 0.00128 = 0.01523

   Add Item: 126.474 × 0.00102 = 0.12900

   Listing: 76.548 × 0.00329 = 0.25184

   Lookup: 28.944 × 0.00121 = 0.03502

6. What’s the total cost per user for CPU usage?

   The total cost per user for CPU usage is as follows:

   0.01523 + 0.12900 + 0.25184 + 0.03502 = 0.43109

7. What’s the network cost for the Default operation?

   The network cost of the Default operation is as follows:

   (0.003682 × 1.845) + (0.003682 × 0) = 0.006793 KBps

8. What are the network costs of the remaining three operations?

   The network costs of the operations are as follows:

   Add Item: (0.000254 × 4.978) + (0.000254 × 127.756) = 0.033714 KBps

   Listing: (0.000523 × 26.765) + (0.000523 × 24.123) = 0.026614 KBps

   Lookup: (0.001134 × 25.678) + (0.001134 × 25.564) = 0.058108 KBps

9. What are the total network costs per user?

   The network costs per user are as follows:

   0.006793 + 0.033714 + 0.026614 + 0.058108 = 0.125229 KBps

Exercise 2: Determining CPU Requirements

1. How much processing power does each server have and how much of that can be used?

   Each Web server is configured with three 400 MHz processors, giving each machine 1,200 MHz of processing power. However, the upper bound on each computer is 755 MHz.

2. What is the total cost per user for CPU usage?

   The total cost per user for CPU usage is 0.43109 MC.

3. How many concurrent users can the CPUs in each Web server support?

   The CPUs in each Web server can support the following number of users:

   755 ÷ 0.43109 = 1,751 users

4. Once you’ve determined how many concurrent users each machine will support, you should round down that amount to a whole number and use that figure to calculate the number of servers that you need. How many Web servers should your cluster contain?

   The Web cluster should contain the following number of servers:

   6,000 ÷ 1,751 = 4 servers

Exercise 3: Determining Bandwidth Capacity

1. What’s the network bandwidth and how much of that bandwidth should you utilize when planning your capacity requirements?

   The network is a 100-Mbps (12.5 MBps) Ethernet network. Normally, you should not push network utilization over 36 percent, which is 4.5 MBps.

2. How many concurrent users will your network support?

   The network will support the following number of concurrent users:

   4500 KBps ÷ 0.125229 KBps = 35,934 users

Review Questions

1. You’re a network administrator at Contoso Pharmaceuticals. Your network is connected to the Internet by a T1 line. You want to know the maximum transmission rate for a 5-KB page. With overhead, a page transmission runs about 55,360 bits. What’s the maximum transmission rate over the T1 line?

   The maximum transmission rate is as follows:

   1,536,000 ÷ 55,360 = 27.7 pages per second

2. You’re implementing new tools on your company’s Web site. You want to find out how long it will take users to download a 90 KB page (including overhead) over a 28.8 Kbps modem and a 56 Kbps modem. How many seconds will it take each type of user to download the page?

   For the 28.8 Kbps modem, it will take the following amount of time to download the 90-KB page:

   720 kilobits ÷ 28.8 Kbps = about 25 seconds

   For the 56 Kbps modem, it will take the following amount of time to download the 90-KB page:

   720 kilobits ÷ 56 Kbps = about 13 seconds

3. Your company is implementing new services on their Web site. The new services include data access to a back-end SQL Server database. In testing and analysis, you discovered that the Add Item operation responds more slowly than you expected. You determine that the disk cost for the operation is 4.395 and the usage for that operation is 0.012345 operations per second. What’s the disk cost per user per second for the Add Item operation?

   The disk cost for the Add Item operation is as follows:

   4.395 × 0.012345 = 0.054256 KBps

4. You’re planning your network’s capacity requirements. The site will be a transaction site that will allow users to store and retrieve information. Content will be dynamic: ASP hitting a SQL Server database. You anticipate 5,000 concurrent users at peak usage. What other steps should you take?

   You should determine your hardware needs and your network bandwidth. You should also plan the site topology to take into consideration the capacity requirements. In addition, you should find potential bottlenecks and plan for future upgrades to the site.

Chapter 8 - Directory Services

Lab Questions

Exercise 1: Defining a Site Structure

1. What criteria should you use when deciding how to structure your sites?

   You should create a site for each LAN or set of LANs connected by high-speed links, any perimeter networks separated from other network segments by firewalls, and any location reachable only by SMTP.

2. How many sites should you create for this site and where should they be located?

   You should create two sites: one for the perimeter network and one for the private corporate network.

3. Why have you chosen this site structure?

   The private corporate network can be all one site because it’s one LAN that has fast and reliable connections. However, the perimeter network should be a separate site because it’s connected to the corporate network through a firewall. A separate site for the perimeter network allows you to limit client authentication to domain controllers within that site, assuming the domain controllers are fault tolerant.

4. Assume that the private corporate network is spread across several physical locations connected by WAN links. How would that affect your site structure?

   You should create a site for each location that’s connected by a WAN link because WAN links are traditionally slower and less reliable. Generally, a site shouldn’t span across a WAN connection.

Exercise 2: Placing Domain Controllers

1. What guidelines should you follow when determining where to place domain controllers?

   You should place at least one domain controller in each site and two domain controllers in the domain. Place additional domain controllers in a site when a large number of clients access the site; when intersite connections are relatively slow, unreliable, or near capacity; or when clients should be authenticated at a specific set of domain controllers.

2. In which sites would you include a domain controller?

   You should place at least one domain controller in the perimeter network site and one in the private network site.

3. How many domain controllers should you include in your network?

   You should place at least two domain controllers in each site to provide fault tolerance for the Active Directory services. That way authentication requests never have to pass through the firewall.

Exercise 3: Defining an Intersite Replication Strategy

1. What guidelines should you follow when determining how to configure site links?

   You should configure your site links according to available bandwidth, network usage patterns, and type of transport—and if appropriate, configure additional site links to provide redundant replication paths.

2. What site links do you need to configure for the Northwind Traders network?

   You need to configure only one site link to connect the two sites.

3. What configuration information must your provide for each site link?

   You must provide the replication schedule, replication interval, replication transport, and link cost.

4. You decide that replication between the perimeter network and the private network should occur throughout the day at regular intervals. You want domain controllers on both sides of the firewall to remain relatively current, but you don’t want to overwhelm the network. You plan to restrict directory replication to 12 times a day at regular intervals, every day of the week. How should you configure the site link?

   You should configure the replication schedule to permit replication at all times on all days of the week, because you want replication to occur every day at regular intervals throughout the day. You should configure the replication interval at two hours, which would equal 12 times a day. You should configure the transport type as IP, which is implied by the nature of the network and the connection through the firewall. Because you need to configure only one site link, you don’t have to be concerned with configuring the link cost. Link cost is the relative bandwidth of the connection as compared to other site links.

Exercise 4: Placing Global Catalog Servers and Operations Masters

1. What guidelines should you follow when determining where to place global catalog servers?

   You should locate at least one global catalog in each site. Place additional global catalog servers in a site when a large number of clients access the site or when intersite connections are relatively slow, unreliable, or near capacity.

2. Where should you locate global catalog servers in the Northwind Traders network?

   You should configure all four domain controllers as global catalog servers. This provides fault tolerance within each site should a domain controller fail. If one does fail, the authentication process won’t have to look outside the site (and through the firewall) for a copy of the global catalog. In addition, by configuring all domain controllers as global catalog servers, you don’t have to be concerned about locating the infrastructure master on a domain controller that doesn’t host the global catalog.

3. What guidelines should you follow when determining where to place operations masters?

   You should provide a standby operations master. In large domains, place the relative identifier master and PDC emulator on separate domain controllers. Don’t assign the infrastructure master role to a domain controller that’s hosting the global catalog unless all domain controllers in the domain are global catalog servers.

4. Where should you place the operations masters?

   You should locate the operations masters in the private network. Make one domain controller the operations master and make the other domain controller a standby operations master. You don’t have to be concerned about assigning the infrastructure master role to a domain controller that isn’t hosting the global catalog because all domain controllers in the domain will be hosting the global catalog.

Review Questions

1. What are Active Directory objects and what’s the purpose of the Active Directory schema?

   Active Directory objects represent the physical entities that make up a network. For example, users, printers, and computers are Active Directory objects. The Active Directory schema defines the types of objects and the types of information about those objects that can be stored in the directory. There are two types of definitions in the schema: attributes and classes.

2. What are the components of the Active Directory logical structure and the physical structure?

   The logical structure is made up of domains, trees, forests, and OUs. The physical structure is made up of sites and domain controllers.

3. What are the five operations master roles assigned to one or more domain controllers?

   The five roles are schema master, domain naming master, relative ID master, PDC emulator, and infrastructure master.

4. You’re planning the Active Directory physical structure for your organization. Your network is made up of three domains. Each domain is in a separate geographical location connected by a WAN link, and each location is a fast, reliable LAN with ample bandwidth. One of the LANs includes a Web site that’s set up in a perimeter network, which is connected to the private network through a firewall. What’s the minimum number of Active Directory sites that you should create for this network?

   You should create at least four sites: one for each LAN and one for the perimeter network.

5. Your network is made up of two Active Directory sites. You’re configuring a site link between the two sites. You configure replication to occur during nonbusiness hours at intervals of 15 minutes. How often will the directory be replicated during business hours?

   Replication won’t occur between the two sites during business hours.

Chapter 9 - Application Integration

Activity 9.1 Questions

1. What’s the first step of your deployment strategy?

   You should perform a single deployment from the staging computer to the Web cluster controller.

2. What’s the second step of your deployment strategy?

   After the application has been deployed to the controller, it should be replicated from the controller to member servers. You don’t have to replicate the content manually if Application Center is configured for automatic synchronization. The replication will be automatic.

3. How will Web services be affected by this deployment strategy?

   Web services shouldn’t be affected because no ISAPI filters or COM+ components are being deployed. If they were, you’d have to reset the services.

Activity 9.2 Questions

1. How should you set up the failover clusters?

   You should set up the clusters in a way similar to that shown in the following illustration:

   

2. What methods can your application use to access the data?

   Your application can use distributed partitioned views or data-dependent routing.

3. How can you configure your failover clustering?

   You can create a four-node multiple-instance cluster that uses an N+1 topology. In this configuration, three of the servers contain an active instance of SQL Server, one for each partition, and the fourth node remains in standby mode and is configured as the primary failover computer.

Lab Questions

Exercise 1: Designing an IIS Application Structure

1. How should you design the initial portion of the perimeter network?

   Your design should look similar to the one in the following illustration:

   

2. Which application layers will your design initially support?

   Your design should support the presentation layer and the business logic layer.

3. How will you deploy this content?

   You can perform a single deployment from the stager to the Web cluster controller. From there, Application Center will replicate the content automatically to the other member servers.

Exercise 2: Integrating SQL Server into Your Application Structure

1. How should you modify your perimeter network’s design to support the new applications?

   Your design should look similar to the one in the following illustration:

   

2. You want to deploy the COM+ applications, but you don’t want to take the Web services offline. How should you deploy the applications?

   To deploy the applications, you should take the following steps:

   1. In the Web cluster, take the cluster controller and one member of the cluster out of the load-balancing loop.
   2. Deploy the applications to those two computers.
   3. After you’ve reset the services, bring the two servers back online for load balancing.
   4. Repeat the process for the third member computer.

3. How should you set up permissions on the SQL Server computers?

   You must ensure that a guest account has been created that corresponds to the IUSR_computername account and that permissions have been granted to that account to allow it to log on to the SQL Server computers.

4. What methods can you use to optimize connections to the database?

   Change the threading model to Both, limit the connection time-out, close connections, share active connections, and increase the size of the record cache.

Exercise 3: Integrating Exchange 2000 Server into Your Web Site

1. How should you modify your perimeter network’s design to support the Outlook Web Access service?

   Your design should look similar to the one in the following illustration:

   

2. What benefits does a multiserver environment provide that a single-server environment can’t?

   A multiserver environment has the following benefits:

   • The multiserver model supports a unified namespace. You can disperse groups of users across back-end databases but allow them to connect to the front-end server by using a single server name.
   • You can isolate back-end servers from attacks. You can locate back-end servers behind a firewall or on a different subnet. Front-end servers can each be configured with one NIC that connects to the Internet and another NIC that connects to the secure internal LAN.
   • Multiple servers allow you to isolate processing tasks. Front-end tasks can be performed on computers that are separate from the computers that process data on the back end. For example, SSL processing can occur on the front-end servers only. From there, the front-end and back-end servers can communicate without the overhead of SSL.
   • The multiserver model has the added benefit of being easier to scale out and make fault tolerant. You can use Windows 2000 NLB to set up a front-end cluster that’s load balanced and use the Windows 2000 Cluster service to set up a back-end cluster that provides failover protection to the data store.

3. What authentication methods does Outlook Web Access support?

   Outlook Web Access supports two authentication methods: Basic and Integrated Windows. Outlook Web Access also supports SSL encryption and Anonymous access.

4. Which authentication method would you recommend?

   SSL (with Basic authentication) should be used. It provides the highest level of security and operability between clients and server because the entire communications session is encrypted.

Review Questions

1. You’re the network administrator for Trey Research. You’re deploying a Web application that incorporates ActiveX controls, client-side scripting, ASP, server-side scripting, COM+ components, and stored procedures. Much of the content for the site will be stored in a SQL Server database. The COM+ components will be in an COM+ application cluster separate from the Web cluster. How should you deploy the application?

   First deploy the COM+ components on the COM+ application cluster and then deploy the rest of the application to the Web cluster.

2. You’re managing a SQL Server database that supports several applications on your Web servers. You decide to partition several of the tables in the database to improve performance. What two methods can you use to access the partitioned data?

   You can use a distributed partition view or data-dependent routing to access the partitioned data.

3. After you partition the data in your SQL Server database, you decide to implement a fault-tolerant solution to ensure the data’s availability. What two high-availability solutions can you use in conjunction with partitioning?

   You can use failover clustering and log shipping in conjunction with partitioning to provide a high-availability solution.

4. You’re configuring your Web site to support Outlook Web Access so that users can access their e-mail accounts through a browser. You’re trying to determine how to set up the Exchange 2000 Server environment to support your users. You want the environment to support a unified namespace, and you want to isolate the data store from attacks. Which Exchange configuration model should you use?

   You should use the multiserver model because it supports a unified namespace and back-end isolation. This configuration also allows you to isolate processing tasks such as SSL encryption and decryption.

5. You’re setting up Outlook Web Access for your company’s employees so that they can access their e-mail accounts through a browser. You plan to use a multiserver configuration and Windows clustering technologies to create a front-end NLB cluster and a back-end Cluster service cluster. You want to provide the highest level of security and operability between clients and servers by encrypting the entire communication session. Which protocol should you use?

   You should use SSL along with Basic authentication to provide the maximum security.

Chapter 10 - Network Security

Activity Questions

1. Why can’t users access the Web site?

   The IIS Read permission hasn’t been granted to the site. Although the NTFS Read permission has been granted to the IUSR_computername account, the most restrictive permissions apply to the directory, which, in this case, are the IIS permissions.

2. Assume that the IIS Read permission has been enabled but that nonanonymous users would be accessing the account rather than anonymous users. How would you need to modify the permissions?

   You should remove the IUSR_computername account from the DACL for the directory and add the appropriate users or groups to the DACL.

3. What steps in the access process occur when a user attempts to access a resource?

   IIS verifies that the IP address, network, and domain name aren’t denied access. IIS then authenticates the user and, assuming the user is authenticated, authorizes the user. If a custom authentication application has been implemented, that application then authenticates the user. Finally, the user is authenticated by verifying the NTFS permissions set for that directory.

Lab Questions

Exercise 1: Planning an Authentication and Encryption Strategy

1. What authentication models does IIS support and how do these models differ?

   IIS supports five authentication models: Anonymous, Basic, Integrated Windows, Digest, and client certificate mapping. This rest of this section discusses each of these models. IIS supports the following authentication models:

   • Anonymous access Anonymous access allows all Web clients to access a site and works with most browsers. IIS uses the IUSR_computername account to provide anonymous users with the right to log on locally. Anonymous access provides no authentication. If password synchronization is enabled, Anonymous access can’t access remote resources; however, if synchronization is disabled, Anonymous access can access remote resources.
   • Basic authentication Basic authentication requires that a user provide credentials in order to log on to the system. Users must have local logon rights to the Web server in order to be authenticated. Most browsers support Basic authentication. In Basic authentication passwords are encoded, but not securely encrypted, so the authentication process isn’t very secure. However, you can use Basic authentication along with SSL to establish a secure session.
   • Integrated Windows authentication Integrated Windows authentication is more secure than Basic authentication, and it supports NTLM authentication and Kerberos authentication. Integrated Windows authentication can’t be used through proxy server connections and has limited browser support.
   • Digest authentication Digest authentication encrypts passwords before transmitting them from the client to the server, and it can be used through proxy server connections. However, Digest authentication is supported only for Windows 2000 domains, and only a few browsers, including Internet Explorer 5.0, support this authentication model. Digest authentication requires Active Directory.
   • Client certificate mapping You can use certificate mapping in IIS to authenticate users by mapping certificates to Windows 2000 user accounts. When certificate mapping is enabled in IIS, Windows 2000 authenticates users and grants rights and permissions based on the mapped user account. IIS supports two types of certificate mapping: one-to-one and one-to-many. Certificate mapping is very scalable and secure, but not all browsers support it. In addition, certificate mapping can be cumbersome to configure.

2. Which authentication model should you use?

   You should use Basic authentication because it’s compatible with most Web browsers.

3. What are the limitations on the authentication model you chose?

   User credentials aren’t secure because they aren’t encrypted.

4. In addition to authenticating users, you must ensure that all data transmitted between the users and the Web site is secure in order to ensure that data’s privacy and integrity. One way to secure data is through encryption. What are several methods that you can use to encrypt data and how are those methods different?

   You can use the following methods to encrypt the data:

   • SSL SSL is an Internet standard commonly used to encrypt data. However, applications that use SSL must be SSL-aware, as most Web browsers and Web servers are. SSL requires considerable processor resources, compared to not encrypting and decrypting data. SSL supports authentication through the use of public key certificates.
   • IPSec IPSec works at the IP layer of the TCP/IP protocol stack and is transparent to most applications. This offers a high level of protection for most applications, services, and upper layer protocols. IPSec supports authentication through Kerberos authentication, public key certificates, and preshared key values. However, to use IPSec, the computers on both ends of the communication link must be configured with Windows 2000 and have IPSec security policies defined. In addition, IPSec requires more processor power than SSL.
   • EFS EFS can be used to protect sensitive data stored on a disk, but it doesn’t protect data transmitted over a network.

5. How can you make data transferred between clients and the Web servers secure?

   You should use SSL to secure the data. You can’t use IPSec because not all browsers support it, and you can’t use EFS to protect the data that’s being transferred between the clients and the Web servers. However, you can use IPSec on the back end of your network to protect data transmitted within your private network, and you can use EFS to encrypt data where it’s stored on a drive.

Exercise 2: Planning an Authorization Strategy

1. Before you determine how users will be authorized, you decide to review the access process so that you have a complete picture of how users will access resources. What steps will the access process follow?

   The access process will involve the following steps:

   • IIS determines whether the client’s IP address should be denied access to the Web site or virtual directory.
   • If a user’s IP address is accepted by IIS, the user is authenticated by one of the following authentication methods supported by IIS: Anonymous, Basic, Integrated Windows, Digest, or client certificate mapping. In this case, Basic authentication is used.
   • Once a user is authenticated, IIS determines what permissions have been assigned to the resource that the user is trying to access.
   • If custom authentication is used, users are authenticated after they’ve been authorized by IIS. Custom authentication isn’t being used in this case.
   • IIS uses the security context of the authenticated user to try to gain access to a specific resource, based on the NTFS permissions granted to that user.

2. IIS permissions apply to all users trying to access the Web site. How should you set up those permissions?

   Users should be granted the Read permission on the home directory and the Scripts Only execute permission.

3. Unlike IIS permissions, NTFS permissions apply to specific users and groups. How should you set up those permissions?

   In the related directories, remove all unnecessary users and groups, keeping only the required administrative users and groups. Grant these users the Full Control permission. Add the Customers group, and grant that group the Read & Execute permission.

Exercise 3: Planning a Firewall Strategy

• What are the two basic perimeter network topologies that you can use to set up your firewalls and how do these topologies differ?

There are two basic perimeter network topologies:

• Single firewall A single firewall is the simplest way to set up your perimeter network. In this configuration you use one firewall configured with three NICs. One NIC is connected to the private network, one to the Internet, and one to the perimeter network.
• Back-to-back firewalls In a perimeter network that’s configured with back-to-back firewalls, a firewall is located on either side of the perimeter network. The front end of the perimeter network is connected to the Internet through one of the firewalls, and the back end of the perimeter network is connected to the corporate network through the other firewall.
• You want to maximize the amount of security that you provide your network through firewalls. Which configuration should you use?

You should use the back-to-back configuration.

• You also want to protect your database as much as possible through the use of firewalls. How many firewalls should you use in your network?

You should use three firewalls—one in front of the Web servers, one between the Web servers and the data servers, and one between the perimeter network and the private network, as shown in the following illustration:



Review Questions

1. You’re the network administrator for Consolidated Messenger. Your organization is implementing an online tracking application that allows customers to determine the status of packages that are being delivered. In order to check on the status of their orders, users must supply the tracking numbers that were provided when they shipped their packages. The tracking numbers aren’t tied to any user accounts or authentication data stores, and users don’t have to provide any information other than the tracking numbers. Which authentication model can you use for your Web site?

   You can use Anonymous access for your customers because they aren’t required to provide credentials in order to log on to the system.

2. Your company, Adventure Works, has implemented a Web site that allows users to access information about various locations around the world. The site uses ASP applications to access data from a SQL Server database. You configure the site with Anonymous access and configure IIS permissions on the Home directory with the Read permission and the Scripts Only execute permission. Next, you configure NTFS permissions on the Web directory. You add the IUSR_computername account to the directory and configure the account with the Read permission. When users try to access the Web site, they can read the static content on the home page but they can’t execute any of the ASP applications. What is the likeliest cause of the problem?

   You need to grant the Read & Execute permission to the IUSR_computername account.

3. You’re setting up a Web site for Trey Research. Your customers must log on to the site and be authenticated in order to access resources on the site. Your customers use different types of browsers to access the site, and their computers are set up with different types of operating systems. You implement IPSec in order to protect data as it’s being transmitted between the client computers and the Web servers; however, many clients are unable to establish a secure connection. What is the likeliest cause of the problem?

   IPSec requires that both ends of the communication link be configured with Windows 2000.

4. You’re the network administrator for a small organization that provides online Web services to its customers. The site contains only static content, which is all located on the IIS server. IIS is configured to allow Anonymous access. You want to implement a firewall solution that’s inexpensive to implement, that’s easy to administer, and that separates the perimeter network from the rest of the network so that the private network isn’t dependent on the perimeter network’s availability in order to access the Internet. Which firewall solution should you use?

   You should use the single-firewall solution so that one firewall is configured with three NICs. One NIC is connected to the private network, one to the Internet, and one to the perimeter network.

Chapter 11 - Systems Monitoring and Disaster Recovery

Activity 11.1 Questions

1. How can you log data about processor usage and then view that data?

   You can create a counter log in Performance Logs and Alerts to collect the data. You can then use System Monitor to view that data.

2. After you view the log data, you realize the processors reach maximum capacity a couple of times a day. You decide that you want to be notified whenever usage exceeds 80 percent. How can you be notified when usage exceeds the 80 percent threshold?

   You can create an alert in Performance Logs And Alerts. You can configure the alert with the Processor\% Processor Time counter and set the alert value to be over 80. When you configure the alert, you should configure the action so that you’re notified when the threshold is reached.

3. Which counters, in addition to Processor\% Processor Time, should you consider monitoring in order to collect data about processor activity?

   You should consider monitoring the following counters: System\Processor Queue Length, Processor\% Privileged Time, Processor\% User Time, and Process\% Processor Time.

Activity 11.2 Questions

1. Which method should you use to audit the Web site?

   You should use IIS logging to audit the Web site, and you should save your files in the W3C Extended log file format because this format allows you to specify which fields to include in your logs.

2. What tool can you use to view the logs?

   You can use a text editor such as Notepad to view the logs.

3. Why haven’t the events been recorded in the Security log?

   Before one of these events can be recorded in the Security log, you must configure the Audit Object Access audit policy in Group Policy. You should configure the policy to log successful attempts and failed attempts.

4. Why haven’t failed events been recorded in the Security log?

   The most likely cause for failed events not appearing in the Security log is that either the directory properties weren’t configured to record failed events or the audit policy wasn’t configured to record failed events.

Lab Questions

Exercise 1: Designing a System Monitoring Strategy

1. The first step in your monitoring strategy is to collect performance data about memory. What five components of memory should you monitor?

   You should monitor available memory, paging, file system cache, paging file size, and memory pool size.

2. Why should you monitor memory before monitoring any other components?

   Inadequate memory can result in other parts of your system appearing as though the problems reside there. For example, what might appear on the surface as poor disk or processor performance can in fact be as a result of a memory problem. You should rule out memory performance problems before investigating other components.

3. Next, you want to monitor the processors in your system. You plan to collect information about processor activity, IIS service connections, and IIS threads. What types of information should you collect about each of these categories?

   Data about processor activity should include processor queue length and processor time percentages. Data about IIS connections should include the Web service and FTP service. Data about IIS threads should include thread count, processor time, and context switches.

4. The next step in your strategy is to collect data about network I/O. Specifically, you plan to collect data about transmission rates and TCP connections. What type of information should you collect about transmission rates and TCP connections?

   Transmission rate data should include bytes sent and received by the Web service, FTP service, and SMTP service. You should also collect sent and received data about TCP segments, IP datagrams, and the network interface. TCP connection data should include information about established, failed, and reset connections.

5. Finally, you plan to monitor your Web applications. What components should you monitor?

   You should monitor ASP requests and Web service GET and POST requests.

6. Suppose that, during your analysis of the data, you discover periods of long, sustained queue lengths. What might be causing these long queue lengths?

   A long, sustained queue length indicates that a processor can’t handle the load assigned to it. As a result, threads are being kept waiting. A sustained queue length of two or more threads can indicate a processor bottleneck.

Exercise 2: Designing a Security Auditing Strategy

1. The first step in your strategy is to configure audit policies that allow you to log specific events. How do you configure audit policies?

   To configure audit policies, you must configure your Group Policy settings in the Group Policy snap-in. For each policy, you can configure successful attempts, failed attempts, or both.

2. You’re specifically concerned with auditing access to certain directories and files. You want to log events about successful and failed attempts to access resources. Which audit policy or policies should you configure and how should you configure that policy?

   You should configure the Audit Object Access policy to audit successful attempts and failed attempts.

3. Once you’ve configured Group Policy, you decide that you want to audit the Inetpub\Scripts directory. What step do you need to take to configure auditing on that directory?

   You must set up auditing in the properties of the Inetpub\Scripts directory. To access the auditing properties, click Advanced on the Security tab of the Scripts Properties dialog box. You can configure auditing on the Auditing tab of the Access Control Settings For Scripts dialog box.

4. Once you’ve configured auditing on the Inetpub\Scripts directory, you want to be able to view the Security log regularly to view any events that might have been generated. How do you view the Security log?

   You use Event Viewer to view the Security log.

5. In addition to auditing events, you want to log activity about your Web site. Specifically, you want to log date, time, client IP address, and username for each user who logs on to the site. At this time you don’t want to log any other information about the site because you want to limit the size of your log files. How can you log this information?

   You can set up logging through the Internet Information Services tool. Open the properties for the specific site, and enable logging. You should use W3C Extended format for your log because this format allows you to specify which fields to log.

6. Once you’ve logged data about your users, how can you view that data?

   You can use a text editor such as Notepad to view data in a W3C Extended format.

7. What log file formats does IIS logging support?

   IIS logging supports the following log file formats: Microsoft IIS, NCSA Common, ODBC Logging, and W3C Extended.

8. You decide that, although you want to log activity to your Web site, you don’t want to log activity on the Images directory, which is a part of the site. How do you disable logging on the Images directory?

   You disable logging on the Images directory through the properties for that directory (on the Directory tab of the Images Properties dialog box), which you access through the Internet Information Services tool.

Review Questions

1. You want to monitor performance on your Windows 2000 computer. You want to first establish a baseline and then conduct ongoing monitoring. Which Microsoft tool allows you to establish a baseline and then measure the ongoing performance of your system?

   You can use the Performance tool in Windows 2000 Server to establish a baseline and then monitor performance on an ongoing basis.

2. You’re the network administrator for your organization and you’re monitoring performance on an IIS server. You discover that the Inetinfo working set often uses all the available RAM. In addition, during those peak usages of RAM disk activity is high. What’s the most likely cause of the problem?

   You don’t have enough physical memory on your server.

3. You’re auditing logon events on your IIS server. You’re interested only in failed logon events; however, the Security log shows successful logon attempts and failed logon events. As a result, your log reaches its maximum size too quickly. How can you log only failed events?

   Configure the applicable audit policies in Group Policy to log only failed attempts.

4. You’re using IIS logging to log the activity on your Web site. You want to log all events to a SQL Server database. You create a database, a data source name (DSN), and a table within the database to store the logged events. Which log format should you use when configuring IIS logging?

   You should use the ODBC Logging format.

5. You’re developing a disaster recovery strategy for your IIS servers. As part of that strategy, you determine that you must prepare recovery systems to have in place should a disaster occur. You create the necessary Windows 2000 Setup disks, Startup disks, and ERDs. What other step should you take in preparing your recovery systems?

   You should back up your data to ensure against the loss of any critical system state data, files, or other data important to your system. Your backup strategy should include regularly scheduled backup jobs so that the data is as current as reasonably possible if you should need to restore that data.

6. As part of a disaster recovery strategy that you’re developing for your organization, you plan to test various system components to try to predict failure and to practice recovery procedures. Your tests will include internal and external components. What situations should you try to simulate when you stress test your system?

   You should try to simulate heavy network loads, heavy disk I/O, heavy use of file and application servers, and large numbers of users simultaneously logged on.