In-Depth

Take Control of Your Network

First, adopt a method and then take inventory.

• By Danielle Ruest and Nelson Ruest
• 01/01/2004

One answer is by implementing proactive measures in your network. With a little imagination and the use of some free tools, you can get started on the path to proactive network management, even with reduced resources.

The “Method” Method
The place to start is with a method—a method that will let you gain a better understanding of how your network works and how it delivers services. One good method is the lifecycle approach. This is based on the concept that everything in a network—servers, workstations, services, software and so on—has a lifecycle. By identifying and knowing how each lifecycle works, you can increase your control over it and even anticipate problems before they occur.

There are a lot of sources for life-cycle approaches, but one good example was first illustrated by Microsoft in a white paper entitled “Planning, Deploying and Managing Highly Available Solutions,” released in May 1999, online at http://www.microsoft.com/technet/archive/ (choose IT Tasks | Plan | System Planning | Planning, Deploying and Managing…). This paper identified an IT service lifecycle with four phases:

Planning. Identifying and preparing solutions for deployment.

Deployment. Acquiring, packaging, configuring, installing and testing deployment strategies.

Production. Problem, change, optimization and administration management within the production network.

Retirement. Replacement/upgrade planning and removal of obsolete technologies and processes.

Planning is based on the management of change requests. Whenever a new request comes in, it needs to be reviewed, analyzed and then, if it’s a request for a service not already covered in the existing network, prepared appropriately. The preparation involves the design of a proper architecture for the service, one that fits within existing global or enterprise architectural orientations. A better understanding of the service can be achieved through functional testing.

Next comes the preparation of the service for delivery to the network. This phase is focused on certification of the new service. This involves a refinement of the architecture, detailing how the service is to be installed and used, followed by installation and configuration packaging to automate the process. Here, a strong emphasis is placed on service cohabitation—cohabitation and perhaps collaboration with all of the existing services in the network. Once again, the service undergoes thorough testing, including deployment testing through a pilot project or a proof of concept if the testing can be done in a smaller scale. Once all tests are complete and results are documented, the service is deployed.

It then passes to the production phase. This phase concentrates on the operation of the service. It begins with an update of existing inventories (this part is often tied to the actual deployment), followed by a process for change tracking for the service. Since the service is deployed, it will require both problem management and user support in addition to the administration of service availability. This is done through regular backups and data protection as well as security verifications and service maintenance. If data is associated with the service, storage management will also be involved. Service operation also entails service level agreement maintenance. This is done through performance tuning, capacity adjustments, and the generation of statistics on availability, reliability and responsiveness of the service.

Finally, once the service has exhausted its value to the business (its operation costs outweigh the benefits it brings), it must be retired and replaced. This is done through managed obsolescence—the verification of the continued usefulness of a product or service within the network. When it has been determined that retirement is required, you proceed to the removal of the service from the network and the process begins all over again with a replacement service.

The service lifecycle details many of the steps you would undergo for the addition, use and removal of almost any network component. While this description doesn’t provide complete details for the operation of the lifecycle network management method, it does give you enough of a starting point to adapt it to your own needs.

Find Out What You’ve Got
It’s possible to adapt and implement a lifecycle model without a massive migration project. The first thing you need to do (if you haven’t already done so) is gain a high degree of familiarity with your existing network—what services it already delivers; what components it includes; which servers may be able to host the new service and so on. For this, you need inventories. Few organizations have comprehensive inventories and documentation on their network. Yet, how can anyone manage or administer a network if they don’t know what it contains? Unfortunately, many administrators do just that every single day.

Taking inventories doesn’t have to be difficult. In many cases, it doesn’t even require a commercial inventory product. One of the best ways to perform a comprehensive inventory is to use a logon or startup script. This can be as simple as a batch or command file that verifies specific items found on each system. If you’re already running Windows 2000, Windows XP or Windows Server 2003, you can assign a startup script to every machine in your network, including both servers and workstations, through the use of Group Policy Objects. If you’re still on NT, then you’ll need to focus on the user logon script since it doesn’t support startup scripts.

If you’re not into scripts, Microsoft offers other tools that can help you gather all sorts of inventory information. For example, the Microsoft Baseline Security Analyzer (available by keyword search at www.microsoft.com/downloads) lets you identify essential security information about each one of the computers in your network. This information lets you know which OS version runs on a computer. Another tool, the Office Update Inventory Tool, is also available to let you identify which Office components are installed on any computer in your network.

While the latter only reports on Office (2000 or later), Microsoft offers another free tool, the Software Inventory Analyzer, that covers all Microsoft products on any computer in your network. This tool was produced to help in its anti-piracy drive. For information about all the software products on a PC, you can use the Microsoft Application Compatibility Analyzer. While designed to report on application compatibility for the purpose of operating system upgrades, it still generates a report on the software and applications found on each computer in your network and sorts it by computer, department or application.

Network inventories should also include other useful information such as free disk space, printers and Group Policy. For the first, you can use freedisk.exe, a utility formerly included in Windows Resource Kits, which is now an integral part of Windows 2003. For printer status, you can use new scripts included with Windows 2003. These scripts work on Win2K and XP as well as NT; but if you use them on NT, you’ll need to install the PrnAdmin.dll file to support the operation of the scripts. The prnmngr.vbs script is specifically designed to list all printers, queues and drivers on any Windows computer.

Gathering and interpreting inventories will give you a better understanding of where you are. Next, you can begin to work on the elaboration of standard operating procedures. These don’t need to be complicated or static. They do need to be simple and flexible because their purpose isn’t to constrain, but rather guide operators in given situations.

Follow these steps and you’ll be well on your way to proactive network management. You know where you stand and won’t lose sight of it. Now, you can turn to your colleagues in need and tell them the first precept of proactive network management: Know thy network!